* Output a single roster item, for roster queries or pushes
*/
void xmpp_roster_item(struct CitContext *cptr) {
- CtdlLogPrintf(CTDL_DEBUG, "\033[32mxmpp_roster_item(%s)\033[0m\n", cptr->cs_inet_email);
+ char xmlbuf1[256];
+ char xmlbuf2[256];
+
cprintf("<item jid=\"%s\" name=\"%s\" subscription=\"both\">",
- cptr->cs_inet_email,
- cptr->user.fullname
+ xmlesc(xmlbuf1, cptr->cs_inet_email, sizeof xmlbuf1),
+ xmlesc(xmlbuf2, cptr->user.fullname, sizeof xmlbuf2)
);
- cprintf("<group>%s</group>", config.c_humannode);
+ cprintf("<group>%s</group>", xmlesc(xmlbuf1, config.c_humannode, sizeof xmlbuf1));
cprintf("</item>");
}
struct CitContext *cptr;
int nContexts, i;
- CtdlLogPrintf(CTDL_DEBUG, "\033[36m ROSTER QUERY !! \033[0m\n");
-
cprintf("<query xmlns=\"jabber:iq:roster\">");
cptr = CtdlGetContextArray(&nContexts);
if (cptr) {
{
int supported_namespace = 0;
int roster_query = 0;
+ char xmlbuf[256];
/* We need to know before we begin the response whether this is a supported namespace, so
* unfortunately all supported namespaces need to be defined here *and* down below where
cprintf("<iq type=\"error\" ");
}
if (!IsEmptyStr(iq_from)) {
- cprintf("to=\"%s\" ", iq_from);
+ cprintf("to=\"%s\" ", xmlesc(xmlbuf, iq_from, sizeof xmlbuf));
}
- cprintf("id=\"%s\">", iq_id);
+ cprintf("id=\"%s\">", xmlesc(xmlbuf, iq_id, sizeof xmlbuf));
/*
* Is this a query we know how to handle?
projects / citadel.git / blobdiff