diff options
| -rw-r--r-- | docs/XMLRPC/XMLRPC | 4 | ||||
| -rw-r--r-- | modules/m_xmlrpc.cpp | 37 |
2 files changed, 37 insertions, 4 deletions
diff --git a/docs/XMLRPC/XMLRPC b/docs/XMLRPC/XMLRPC index a183af097..95a18abc4 100644 --- a/docs/XMLRPC/XMLRPC +++ b/docs/XMLRPC/XMLRPC @@ -3,8 +3,8 @@ This allows external applications, such as websites, to execute remote procedure Currently there are 5 supported XMLRPC calls, provided by m_xmlrpc_main: -checkAuthetication - Takes two parameters, an account name and a password. Checks if the account name is valid and the password - is correct for the account name, useful for making login pages on websites. +checkAuthentication - Takes two parameters, an account name and a password. Checks if the account name is valid and the password + is correct for the account name, useful for making login pages on websites. command - Takes three parameters, a service name (BotServ, ChanServ, NickServ), a user name (whether online or not), and the command to execute. This will execute a the given command to Anope using the given service name. If the user given is online, the diff --git a/modules/m_xmlrpc.cpp b/modules/m_xmlrpc.cpp index 1d08bed43..2fd900e61 100644 --- a/modules/m_xmlrpc.cpp +++ b/modules/m_xmlrpc.cpp @@ -53,6 +53,39 @@ class MyXMLRPCServiceInterface : public XMLRPCServiceInterface, public HTTPPage return ret; } + static Anope::string Unescape(const Anope::string &string) + { + Anope::string ret = string; + for (int i = 0; special[i].character.empty() == false; ++i) + if (!special[i].replace.empty()) + ret = ret.replace_all_cs(special[i].replace, special[i].character); + + for (size_t i, last = 0; (i = string.find("&#", last)) != Anope::string::npos;) + { + last = i + 1; + + size_t end = string.find(';', i); + if (end == Anope::string::npos) + break; + + Anope::string ch = string.substr(i + 2, end - (i + 2)); + + if (ch.empty()) + continue; + + long l; + if (!ch.empty() && ch[0] == 'x') + l = strtol(ch.substr(1).c_str(), NULL, 16); + else + l = strtol(ch.c_str(), NULL, 10); + + if (l > 0 && l < 256) + ret = ret.replace_all_cs("&#" + ch + ";", Anope::string(l)); + } + + return ret; + } + private: static bool GetData(Anope::string &content, Anope::string &tag, Anope::string &data) { @@ -98,8 +131,8 @@ class MyXMLRPCServiceInterface : public XMLRPCServiceInterface, public HTTPPage } while (istag && !content.empty()); - tag = prev; - data = cur; + tag = Unescape(prev); + data = Unescape(cur); return !istag && !data.empty(); } |