Properly quote various error messages

[ypp-sc-tools.web-live.git] / yarrg / web / qtextstringcheck

diff --git a/yarrg/web/qtextstringcheck b/yarrg/web/qtextstringcheck
index 9dce8287e208d8213418dd6432e49898c998a74a..0a75f8e9b6ae71be9f50117c542733c9ce71e787 100755 (executable)
--- a/yarrg/web/qtextstringcheck
+++ b/yarrg/web/qtextstringcheck
@@ -65,7 +65,7 @@ my $mydbh;
 $dbh ||= ($mydbh= dbw_connect($ocean));
 
 my $debugf= !$debug ? sub { } : sub {
-    print "@_\n";
+    print escapeHTML("@_")."\n";
 };
 
 $debugf->("QTSC STRING '$string'");
@@ -105,11 +105,12 @@ if ($chk->method_exists('execute')) {
                        $sth, $sqlstmt_nqs,
                        $chk->attr_exists('abbrev_initials'),
                        $chk->attr('maxambig'),
-                       $chk->scall_method("nomatch", spec => $each),
+                       $chk->scall_method("nomatch", specq => escerrq($each)),
                        $chk->scall_method("manyambig"),
                        sub {
                                $chk->scall_method("ambiguous",
-                                       spec => $each, couldbe => $_[1])
+                                       specq => escerrq($each),
+                                       couldbe => $_[1])
                        });
                if (defined $temsg) {
                        $emsg= $temsg;