0012180: fix broken xml input
authorPhilipp Schüle <p.schuele@metaways.de>
Thu, 18 Sep 2014 13:02:04 +0000 (15:02 +0200)
committerPhilipp Schüle <p.schuele@metaways.de>
Wed, 7 Sep 2016 17:08:09 +0000 (19:08 +0200)
* adds helper function for filtering invalid chars

https://forge.tine20.org/view.php?id=12180

Change-Id: Iaad1a610ea719ddfcf85c53cf3ac2c44fa09013c
Reviewed-on: http://gerrit.tine20.com/customers/3527
Tested-by: Jenkins CI (http://ci.tine20.com/)
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>
tests/tine20/Calendar/Import/CalDAVTest.php
tests/tine20/Calendar/Import/files/broken_ics.xml [new file with mode: 0644]
tine20/Tinebase/Helper.php
tine20/Tinebase/Import/CalDav/Client.php

index 94b4644..41d0582 100644 (file)
@@ -124,4 +124,14 @@ class Calendar_Import_CalDAVTest extends Calendar_TestCase
         $updatedEvent = $events->filter('etag', '"aa3621a20e9045d8679075db57e881dd"')->getFirstRecord();
         $this->assertEquals('test update', $updatedEvent->summary);
     }
         $updatedEvent = $events->filter('etag', '"aa3621a20e9045d8679075db57e881dd"')->getFirstRecord();
         $this->assertEquals('test update', $updatedEvent->summary);
     }
+    
+    /**
+     * testBrokenXml
+     */
+    public function testBrokenXml()
+    {
+        $brokenBody = file_get_contents(dirname(__FILE__) . '/files/broken_ics.xml');
+        $result = $this->_getUit()->parseMultiStatus($brokenBody);
+        $this->assertTrue(is_array($result));
+    }
 }
 }
diff --git a/tests/tine20/Calendar/Import/files/broken_ics.xml b/tests/tine20/Calendar/Import/files/broken_ics.xml
new file mode 100644 (file)
index 0000000..48b38f2
--- /dev/null
@@ -0,0 +1,44 @@
+<?xml version='1.0' encoding='UTF-8'?><multistatus xmlns='DAV:'>\r
+  <response>\r
+    <href>/calendars/__uids__/2A2E8D16-F63C-4271-82BC-7833B8696FF4/calendar/C93A3096-0A56-40FC-8350-3A0F592D4915.ics</href>\r
+    <propstat>\r
+      <prop>\r
+        <calendar-data xmlns='urn:ietf:params:xml:ns:caldav'><![CDATA[BEGIN:VCALENDAR\r
+VERSION:2.0\r
+PRODID:-//Apple Inc.//iCal 3.0//EN\r
+CALSCALE:GREGORIAN\r
+BEGIN:VTIMEZONE\r
+TZID:Europe/Madrid\r
+BEGIN:DAYLIGHT\r
+TZOFFSETFROM:+0100\r
+TZOFFSETTO:+0200\r
+DTSTART:19810329T020000\r
+RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU\r
+TZNAME:CEST\r
+END:DAYLIGHT\r
+BEGIN:STANDARD\r
+TZOFFSETFROM:+0200\r
+TZOFFSETTO:+0100\r
+DTSTART:19961027T030000\r
+RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU\r
+TZNAME:CET\r
+END:STANDARD\r
+END:VTIMEZONE\r
+BEGIN:VEVENT\r
+SEQUENCE:2\r
+TRANSP:OPAQUE\r
+UID:C93A3096-0A56-40FC-8350-3A0F592D4915\r
+DTSTART;TZID=Europe/Madrid:20120505T170000\r
+DTSTAMP:20120320T153424Z\r
+SUMMARY:Woman \1d& Work \r
+CREATED:20120320T153341Z\r
+DTEND;TZID=Europe/Madrid:20120505T180000\r
+END:VEVENT\r
+END:VCALENDAR\r
+]]></calendar-data>\r
+        <getetag>"9cacd5312f90d4f5c3353bfa0ad0d3ff"</getetag>\r
+      </prop>\r
+      <status>HTTP/1.1 200 OK</status>\r
+    </propstat>\r
+  </response>\r
+</multistatus>
\ No newline at end of file
index 1d35a86..4522bed 100644 (file)
@@ -4,7 +4,7 @@
  * 
  * @package     Tinebase
  * @license     http://www.gnu.org/licenses/agpl.html AGPL Version 3
  * 
  * @package     Tinebase
  * @license     http://www.gnu.org/licenses/agpl.html AGPL Version 3
- * @copyright   Copyright (c) 2007-2014 Metaways Infosystems GmbH (http://www.metaways.de)
+ * @copyright   Copyright (c) 2007-2016 Metaways Infosystems GmbH (http://www.metaways.de)
  * @author      Cornelius Weiss <c.weiss@metaways.de>
  */
 
  * @author      Cornelius Weiss <c.weiss@metaways.de>
  */
 
@@ -305,4 +305,15 @@ class Tinebase_Helper
         
         return $exists;
     }
         
         return $exists;
     }
+
+    /**
+     * removes characters that are illegal in XML (those characters are not even in CDATA allowed)
+     *
+     * @param string $string
+     * @return string
+     */
+    public static function removeIllegalXMLChars($string)
+    {
+        return preg_replace('/[^\x09\x0A\x0D\x20-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]/u', '', $string);
+    }
 }
 }
index 6f0f462..a56de2f 100644 (file)
@@ -288,4 +288,16 @@ class Tinebase_Import_CalDav_Client extends \Sabre\DAV\Client
         
         return $newResult;
     }
         
         return $newResult;
     }
+
+    /**
+     * Parses a WebDAV multistatus response body
+     *
+     * @param string $body xml body
+     * @return array
+     */
+    public function parseMultiStatus($body)
+    {
+        // remove possible broken chars here to avoid simplexml_load_string errors
+        return parent::parseMultiStatus(Tinebase_Helper::removeIllegalXMLChars($body));
+    }
 }
 }