Escape characters don’t work in vqgen

February 15th, 2012 | Posted by ChrisG in vQmod

vqgen (downloadable from:  http://www.opencart-extensions.co.uk/vqgen/) is a great little script generator for vQmod that saves you having to write xml files for vQmod…

However while creating xml files using vqgen I noticed that any escape characters in the replacement code wasn’t being included in the generated xml file. This was causing my scripts to fail.

To fix the problem I removed all the stripslashes commands from the code that generates the vqmod xml file.

ie.

in vqgen/inc/actions.php
lines 80 – 131

should read…

// Generate a new file
if(isset($_POST['generatexml'])){
    $file = PATH . stripText($_POST['filename']) . '.xml_';

    $output = '<!-- Created using vQmod XML Generator by UKSB - http://www.opencart-extensions.co.uk //-->'."\n";
    $output .= '<modification>'."\n";
    $output .= "\t" . '<id><![CDATA[' . ($_POST['fileid']) . ']]></id>' . "\n";
    $output .= "\t" . '<version><![CDATA[' . ($_POST['version']) . ']]></version>' . "\n";
    $output .= "\t" . '<vqmver><![CDATA[' . ($_POST['vqmodver']) . ']]></vqmver>' . "\n";
    $output .= "\t" . '<author><![CDATA[' . ($_POST['author']) . ']]></author>';

    foreach ($_POST['file'] as $key => $value){
        if(!isset($_POST['remove_'.$key])){
            $output .= "\n\t" . '<file name="' . ($value) . '">';

            foreach ($_POST['search'][$key] as $key2 => $val) {
                if(!isset($_POST['remove_'.$key.'_'.$key2])){
                    $output .= "\n\t\t" . '<operation>';
                    $output .= "\n\t\t\t" . '<search';
                    $output .= ' position="' . $_POST['position'][$key][$key2] . '"';
                    $output .= ((int)$_POST['offset'][$key][$key2]>0?' offset="'.(int)$_POST['offset'][$key][$key2].'"':'');
                    $output .= ((int)$_POST['index'][$key][$key2]>0?' index="'.(int)$_POST['index'][$key][$key2].'"':'');
                    $output .= ($_POST['error'][$key][$key2]!='abort'?' error="' . $_POST['error'][$key][$key2] . '"':'');
                    $output .= ($_POST['regex'][$key][$key2]=='true'?' regex="true"':'');
                    $output .= '>';
                    $output .= '<![CDATA[' . ($val) . ']]></search>';
                    $output .= "\n\t\t\t" . '<add><![CDATA[' . ($_POST['add'][$key][$key2])  . ']]></add>';
                    $output .= "\n\t\t" . '</operation>';

                    if($_POST['newop'][$key][$key2]>0){
                        for($i=0; $i< $_POST['newop'][$key][$key2]; $i++){
                            $output .= "\n\t\t" . '<operation>';
                            $output .= "\n\t\t\t" . '<search';
                            $output .= ' position="replace">';
                            $output .= '<![CDATA[]]></search>';
                            $output .= "\n\t\t\t" . '<add><![CDATA[]]></add>';
                            $output .= "\n\t\t" . '</operation>';
                        }
                    }
                }
            }
            $output .= "\n\t" . '</file>';
        }
    }
    $output .= "\n" . '</modification>';

    $fp = fopen( $file , "w" );
    $fout = fwrite( $fp , $output );
    fclose( $fp );
    chmod($file, 0777);
    header("Location:./?generated=1&file=" . stripText($_POST['filename']). '.xml_');
}

 

You can follow any responses to this entry through the RSS 2.0 You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply