Cyclone-Team/gramps
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

2007-04-18 Don Allingham <don@gramps-project.org>

Browse Source 
* src/plugins/BookReport.py: escape xml constructs (bug 877)
	* src/PluginUtils/_Options.py: escape xml constructs (bug 877)



svn: r8403
This commit is contained in:
Don Allingham 2007-04-19 02:03:29 +00:00
parent eb7b977237
commit 60a072824f
3 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
2007-04-18 Don Allingham <don@gramps-project.org>
* src/plugins/BookReport.py: escape xml constructs (bug 877)
* src/PluginUtils/_Options.py: escape xml constructs (bug 877)
2007-04-17 Don Allingham <don@gramps-project.org> 2007-04-17 Don Allingham <don@gramps-project.org>
* src/Editors/_EditRepository.py: fix double click save bug * src/Editors/_EditRepository.py: fix double click save bug
* src/Editors/_EditSource.py: fix double click save bug * src/Editors/_EditSource.py: fix double click save bug

13
src/PluginUtils/_Options.py
View File

@ -44,6 +44,9 @@ except:
from _xmlplus.sax import make_parser,handler,SAXParseException from _xmlplus.sax import make_parser,handler,SAXParseException
from _xmlplus.sax.saxutils import escape from _xmlplus.sax.saxutils import escape
def escxml(d):
return escape(d, { '"' : '&quot;' } )
#------------------------------------------------------------------------- #-------------------------------------------------------------------------
# #
# gramps modules # gramps modules
@ -196,22 +199,22 @@ class OptionListCollection:
for module_name in self.get_module_names(): for module_name in self.get_module_names():
option_list = self.get_option_list(module_name) option_list = self.get_option_list(module_name)
f.write('<module name="%s">\n' % escape(module_name)) f.write('<module name="%s">\n' % escxml(module_name))
options = option_list.get_options() options = option_list.get_options()
for option_name in options.keys(): for option_name in options.keys():
if type(options[option_name]) in (type(list()),type(tuple())): if type(options[option_name]) in (type(list()),type(tuple())):
f.write(' <option name="%s" value="" length="%d">\n' % ( f.write(' <option name="%s" value="" length="%d">\n' % (
escape(option_name), escxml(option_name),
len(options[option_name]) ) ) len(options[option_name]) ) )
for list_index in range(len(options[option_name])): for list_index in range(len(options[option_name])):
f.write(' <listitem number="%d" value="%s"/>\n' % ( f.write(' <listitem number="%d" value="%s"/>\n' % (
list_index, list_index,
escape(unicode(options[option_name][list_index]))) ) escxml(unicode(options[option_name][list_index]))) )
f.write(' </option>\n') f.write(' </option>\n')
else: else:
f.write(' <option name="%s" value="%s"/>\n' % ( f.write(' <option name="%s" value="%s"/>\n' % (
escape(option_name), escxml(option_name),
escape(unicode(options[option_name]))) ) escxml(unicode(options[option_name]))) )
self.write_module_common(f,option_list) self.write_module_common(f,option_list)

19
src/plugins/BookReport.py
View File

@ -31,6 +31,11 @@
import os import os
from gettext import gettext as _ from gettext import gettext as _
from xml.sax.saxutils import escape
def escxml(d):
return escape(d, { '"' : '&quot;' } )
#------------------------------------------------------------------------ #------------------------------------------------------------------------
# #
# Set up logging # Set up logging
@ -365,28 +370,28 @@ class BookList:
for name in self.bookmap.keys(): for name in self.bookmap.keys():
book = self.get_book(name) book = self.get_book(name)
dbname = book.get_dbname() dbname = book.get_dbname()
f.write('<book name="%s" database="%s">\n' % (name,dbname) ) f.write('<book name="%s" database="%s">\n' % (escxml(name), escxml(dbname)) )
for item in book.get_item_list(): for item in book.get_item_list():
f.write(' <item name="%s" trans_name="%s">\n' % f.write(' <item name="%s" trans_name="%s">\n' %
(item.get_name(),item.get_translated_name() ) ) (escxml(item.get_name()), escxml(item.get_translated_name()) ) )
option_handler = item.option_class.handler option_handler = item.option_class.handler
for option_name in option_handler.options_dict.keys(): for option_name in option_handler.options_dict.keys():
option_value = option_handler.options_dict[option_name] option_value = option_handler.options_dict[option_name]
if type(option_value) in (list,tuple): if type(option_value) in (list,tuple):
f.write(' <option name="%s" length="%d">\n' % ( f.write(' <option name="%s" length="%d">\n' % (
option_name, len(option_value) ) ) escxml(option_name), len(option_value) ) )
for list_index in range(len(option_value)): for list_index in range(len(option_value)):
option_type = Utils.type_name(option_value[list_index]) option_type = Utils.type_name(option_value[list_index])
f.write(' <listitem number="%d" type="%s" value="%s"/>\n' % ( f.write(' <listitem number="%d" type="%s" value="%s"/>\n' % (
list_index, option_type, option_value[list_index]) ) list_index, escxml(option_type), escxml(option_value[list_index])) )
f.write(' </option>\n') f.write(' </option>\n')
else: else:
option_type = Utils.type_name(option_value) option_type = Utils.type_name(option_value)
f.write(' <option name="%s" type="%s" value="%s"/>\n' % ( f.write(' <option name="%s" type="%s" value="%s"/>\n' % (
option_name,option_type,option_value) ) escxml(option_name), escxml(option_type), escxml(option_value)) )
f.write(' <person gramps_id="%s"/>\n' % f.write(' <person gramps_id="%s"/>\n' %
option_handler.get_person_id() ) escxml(option_handler.get_person_id()) )
f.write(' <style name="%s"/>\n' % item.get_style_name() ) f.write(' <style name="%s"/>\n' % escxml(item.get_style_name()) )
f.write(' </item>\n') f.write(' </item>\n')
f.write('</book>\n') f.write('</book>\n')