diff options
| author | Duncan Parkes <duncan@fury.ukcod.org.uk> | 2011-02-19 01:02:18 +0000 |
|---|---|---|
| committer | Duncan Parkes <duncan@fury.ukcod.org.uk> | 2011-02-19 01:02:18 +0000 |
| commit | d8f3d08b2e1bd840cbbe6424c531dbd38403e0f1 (patch) | |
| tree | db55bd09b3b53573e977456c0c93aba64c427c01 | |
| parent | a7232aeaaa1a75d92bc7271875254eaac660d7c9 (diff) | |
Escape the postcode if it's going in a URL.
| -rwxr-xr-x | web/rss.cgi | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/web/rss.cgi b/web/rss.cgi index 236a383ad..1c4b003fe 100755 --- a/web/rss.cgi +++ b/web/rss.cgi @@ -64,15 +64,17 @@ sub rss_local_problems { my $q = shift; my $pc = $q->param('pc'); - my $pretty_pc = $pc; - # This one isnt't getting the nbsp. As a fallback if pc isn't a postcode, let's - # upper case what's put in. - my $pretty_pc_text = uc($pc); + # As a fallback if pc isn't a postcode, let's upper case it. + my $pretty_pc = uc($pc); + my $pretty_pc_spaceless; if (mySociety::PostcodeUtil::is_valid_postcode($pc)) { $pretty_pc = mySociety::PostcodeUtil::canonicalise_postcode($pc); - $pretty_pc_text = $pretty_pc; - $pretty_pc =~ s/ / /; + $pretty_pc_spaceless = $pretty_pc; + $pretty_pc_spaceless =~ s/ //g; + } else { + $pretty_pc_spaceless = $pretty_pc; } + $pretty_pc_spaceless = URI::Escape::uri_escape_utf8($pretty_pc_spaceless); my $x = $q->param('x'); my $y = $q->param('y'); @@ -121,9 +123,9 @@ sub rss_local_problems { return ''; } else { ( $lat, $lon ) = map { Utils::truncate_coordinate($_) } ( $lat, $lon ); - $qs = "?pc=$pretty_pc_text"; + $qs = "?pc=$pretty_pc_spaceless"; - $title_params{'POSTCODE'} = encode_utf8($pretty_pc_text); + $title_params{'POSTCODE'} = encode_utf8($pretty_pc); } # pass through rather than redirecting. } elsif ( $lat || $lon ) { |