From b0a5b41ff7c7e00f72dbbcab194b5bb364a50b0e Mon Sep 17 00:00:00 2001
From: zarzuelo <zarzuelo@gmail.com>
Date: Thu, 20 Oct 2011 07:56:53 +0000
Subject: [PATCH] 2011-10-20  Sergio Martin <sergio.martin@artica.es>

	* lib/PandoraFMS/Tools.pm: Fixed safe_input and output to
	convert manually several more extended ascii characters.
	Revert the last fix in safe_input because Junichi warn us the
	danger of broke multibyte chars. Thanks Junichi.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5069 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_server/ChangeLog               |  7 +++++++
 pandora_server/lib/PandoraFMS/Tools.pm | 14 +++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/pandora_server/ChangeLog b/pandora_server/ChangeLog
index 19f4dbaee2..0bc4c4ed17 100644
--- a/pandora_server/ChangeLog
+++ b/pandora_server/ChangeLog
@@ -1,3 +1,10 @@
+2011-10-20  Sergio Martin <sergio.martin@artica.es>
+
+	* lib/PandoraFMS/Tools.pm: Fixed safe_input and output to
+	convert manually several more extended ascii characters. 
+	Revert the last fix in safe_input because Junichi warn us the
+	danger of broke multibyte chars. Thanks Junichi.
+
 2011-10-19  Sergio Martin <sergio.martin@artica.es>
 
 	* lib/PandoraFMS/Tools.pm: Fixed safe_input function to encode
diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm
index c14ac69465..285b39bf2c 100644
--- a/pandora_server/lib/PandoraFMS/Tools.pm
+++ b/pandora_server/lib/PandoraFMS/Tools.pm
@@ -112,6 +112,12 @@ sub safe_input($) {
 		my $hex = ascii_to_html($i);
 		$value =~ s/$pattern/$hex/gi;		
 	}
+	
+	for (my $i=128;$i<191;$i++) {
+		my $pattern = chr($i);
+		my $hex = ascii_to_html($i);
+		$value =~ s/$pattern/$hex/gi;		
+	}
 
 	#//Replace characteres for tildes and others
 	my $trans = get_html_entities();
@@ -131,7 +137,7 @@ sub safe_input($) {
 sub safe_output($) {
 	my $value = shift;
 
-	$value = decode_entities ($value);
+	$value = decode_entities ($value, "'<>&");
 		
 	#//Replace the character '\' for the equivalent html entitie
 	$value =~ s/&#92;/\\/gi;
@@ -153,6 +159,12 @@ sub safe_output($) {
 		my $hex = ascii_to_html($i);
 		$value =~ s/$hex/$pattern/gi;		
 	}
+	
+	for (my $i=128;$i<191;$i++) {
+		my $pattern = chr($i);
+		my $hex = ascii_to_html($i);
+		$value =~ s/$hex/$pattern/gi;	
+	}
 		
 	#//Replace characteres for tildes and others
 	my $trans = get_html_entities();