die if $what =~ m/[^a-z]/;
my $chk= $m->fetch_comp("check_${what}");
+die "check_$what" unless $chk;
my $mydbh;
$dbh ||= ($mydbh= dbw_connect($ocean));
my $debugf= !$debug ? sub { } : sub {
- print "@_\n";
+ print escapeHTML("@_")."\n";
};
$debugf->("QTSC STRING '$string'");
my $sqlstmt_nqs= @sqlstmt_nqs;
my @specs= $chk->attr('multiple')
- ? (split m#[/|,]#, $string)
+ ? (split m#\s*[/|,]\s*#, $string)
: ($string);
foreach my $each (@specs) {
$sth, $sqlstmt_nqs,
$chk->attr_exists('abbrev_initials'),
$chk->attr('maxambig'),
- $chk->scall_method("nomatch", spec => $each),
+ $chk->scall_method("nomatch", specq => escerrq($each)),
$chk->scall_method("manyambig"),
sub {
$chk->scall_method("ambiguous",
- spec => $each, couldbe => $_[0])
+ specq => escerrq($each),
+ couldbe => $_[1])
});
if (defined $temsg) {
$emsg= $temsg;
$debugf->("QTSC EMSG='$emsg' RESULTS='@results'");
if ($format =~ /json/) {
- $r->content_type($ctype or $format);
+ $ctype ||= $format;
+ die unless grep { $_ eq $ctype }
+ qw(application/json text/plain text/xml);
+ $r->content_type($ctype);
my $jobj= {
success => 1*!length $emsg,
show => (length $emsg ? $emsg :