src/hg/lib/jsHelper.c 8bf3bd8ce2aac20d76aced7838628f2a343ad8ff

8bf3bd8ce2aac20d76aced7838628f2a343ad8ff
larrym
  Thu Nov 3 13:15:30 2011 -0700
add replaceRegEx
diff --git src/hg/lib/jsHelper.c src/hg/lib/jsHelper.c
index 7d2ebe3..dbca263 100644
--- src/hg/lib/jsHelper.c
+++ src/hg/lib/jsHelper.c
@@ -364,45 +364,55 @@
 return buf;
 }
 
 /* cgiMakeCheckAllSubmitButton really belongs in cheapcgi.c, but that is compiled without access to jsHelper.h */
 
 void cgiMakeCheckAllSubmitButton(char *name, char *value, char *id, char *idPrefix, boolean state)
 /* Make submit button which uses javascript to apply check all or uncheck all to all
  * checkboxes with given idPrefix.
  * state parameter determines whether to "check all" or "uncheck all" (TRUE means "check all").
  * id parameter may be NULL */
 {
 cgiMakeOnClickSubmitButton(jsCheckAllOnClickHandler(idPrefix, state), name, value);
 }
 
 char *stripRegEx(char *str, char *regEx, int flags)
+{
 /* Strip out text matching regEx from str.
    flags is passed through to regcomp as the cflags argument.
    Returned string should be free'ed after use. */
+return replaceRegEx(str, NULL, regEx, flags);
+}
+
+char *replaceRegEx(char *str, char *replace, char *regEx, int flags)
 {
+/* Replace text matching regEx in str with replace string.
+   flags is passed through to regcomp as the cflags argument.
+   Returned string should be free'ed after use. */
 regex_t re;
 regmatch_t match[1];
 int err = regcomp(&re, regEx, flags);
 if(err)
     errAbort("regcomp failed; err: %d", err);
 struct dyString *dy = newDyString(0);
 size_t len = strlen(str);
 size_t offset = 0;
 while(offset < len && !regexec(&re, str + offset, 1, match, 0))
     {
     dyStringAppendN(dy, str + offset, match[0].rm_so);
+    if(replace != NULL)
+        dyStringAppend(dy, replace);
     offset += match[0].rm_eo;
     }
 if(offset < len)
     {
     dyStringAppend(dy, str + offset);
     }
 regfree(&re);
 return dyStringCannibalize(&dy);
 }
 
 char *jsStripJavascript(char *str)
 /* Strip out anything that looks like javascript in html string.
    This function is designed to cleanup user input (e.g. to avoid XSS attacks).
    In reality, we cannot remove javascript with 100% accuracy, b/c there are many browser
    specific ways of embedding javascript; see http://ha.ckers.org/xss.html for many, many examples.