2c51828e984b15350188d75e9dbabb2025ca2af0
tdreszer
  Fri Jul 16 15:01:19 2010 -0700
Fix obscure bug where apostophe in title was interpreted as close quote - thus screwing up html interpretation
diff --git src/hg/hgTracks/imageV2.c src/hg/hgTracks/imageV2.c
index c843b30..ac93ac2 100644
--- src/hg/hgTracks/imageV2.c
+++ src/hg/hgTracks/imageV2.c
@@ -1382,6 +1382,21 @@
 
 /////////////////////// imageV2 UI API
 
+static char *clenseQuotes( char * quote )
+{
+int size = strlen(quote) + 100;
+char *cleanQuote = needMem(size);
+safecpy(cleanQuote,size,quote);
+// NOTE: While some internal HTML should work, a single quote (') will will screw it all up!
+if (strSwapStrs(cleanQuote, size,"\"",""") == -1) // Shield double quotes
+    strSwapChar(cleanQuote,'"','`');  // ran out of memory, replacing them with (`)
+if (strSwapStrs(cleanQuote, size,"'","'") == -1) // Shield single quotes
+    strSwapChar(cleanQuote,'\'','`');  // ran out of memory, replacing them with (`)
+if (strSwapStrs(cleanQuote, size,"\n","<BR>") == -1) // new lines also break the code
+    strSwapChar(cleanQuote,'\n',' ');  // ran out of memory, replacing them with ( )
+return cleanQuote;
+}
+
 static boolean imageMapDraw(struct mapSet *map,char *name)
 /* writes an image map as HTML */
 {
@@ -1416,7 +1431,7 @@
         warn("map item has no url!");
 
     if(item->title != NULL && strlen(item->title) > 0)
-        hPrintf(" TITLE='%s'", item->title );
+        hPrintf(" TITLE='%s'", clenseQuotes( item->title ) );
     if(item->id != NULL)
         hPrintf(" id='%s'", item->id);
     hPrintf(">" );
@@ -1448,12 +1463,14 @@
         default: warn("unknown slice = %d !",slice->type); break;
         }
     if(slice->type==stData && imgBox->showPortal)
-        hPrintf(" panImg' ondrag='{return false;}");
+        hPrintf(" panImg' ondrag='{return false;}'");
+    else
+        hPrintf("'");
     if(slice->title != NULL)
-        hPrintf("' title='%s",slice->title);           // Adds slice wide title
+        hPrintf(" title='%s'", clenseQuotes( slice->title ) );           // Adds slice wide title
     else if(slice->parentImg->title != NULL)
-        hPrintf("' title='%s",slice->parentImg->title);// Adds image wide title
-    hPrintf("'>");
+        hPrintf("' title='%s'", clenseQuotes( slice->parentImg->title ) );// Adds image wide title
+    hPrintf(">");
     }
 else
     {
@@ -1513,7 +1530,7 @@
     else
         hPrintf("  <A HREF='%s'",slice->link);
     if(slice->title != NULL)
-        hPrintf(" TITLE='Click for %s'", slice->title );
+        hPrintf(" TITLE='Click for %s'", clenseQuotes( slice->title ) );
     hPrintf(">\n" );
     }