diff --git a/gramps2/ChangeLog b/gramps2/ChangeLog index 601caeaa5..b2e6a11f6 100644 --- a/gramps2/ChangeLog +++ b/gramps2/ChangeLog @@ -1,6 +1,14 @@ 2005-10-19 Martin Hawlisch * src/plugins/TestcaseGenerator.py: More randomisation; new test options * src/RelLib.py (Source.get_text_data_list): Add missing fields + * src/AttrEdit.py: escape xml-specialchars because of use_markup + * src/EditPerson.py: escape xml-specialchars because of use_markup + * src/EventEdit.py: escape xml-specialchars because of use_markup + * src/Marriage.py: escape xml-specialchars because of use_markup + * src/NameEdit.py: escape xml-specialchars because of use_markup + * src/PedView.py: escape xml-specialchars because of use_markup + * src/UrlEdit.py: escape xml-specialchars because of use_markup + 2005-10-18 Don Allingham * src/Report.py: bumped the maximum generations to 999 from 31 diff --git a/gramps2/src/AttrEdit.py b/gramps2/src/AttrEdit.py index e2dd738e9..2b5db6e48 100644 --- a/gramps2/src/AttrEdit.py +++ b/gramps2/src/AttrEdit.py @@ -35,6 +35,7 @@ __version__ = "$Revision$" #------------------------------------------------------------------------- from gettext import gettext as _ import gc +from cgi import escape #------------------------------------------------------------------------- # @@ -122,7 +123,7 @@ class AttributeEditor: if title == ", ": title = _("Attribute Editor") else: - title = _("Attribute Editor for %s") % title + title = _("Attribute Editor for %s") % escape(title) l = self.top.get_widget("title") Utils.set_titles(self.window,l,title,_('Attribute Editor')) diff --git a/gramps2/src/EditPerson.py b/gramps2/src/EditPerson.py index ab8255db4..263b8bad6 100644 --- a/gramps2/src/EditPerson.py +++ b/gramps2/src/EditPerson.py @@ -31,6 +31,7 @@ import gc import locale import sets from gettext import gettext as _ +from cgi import escape #------------------------------------------------------------------------- # @@ -1247,7 +1248,7 @@ class EditPerson: the close window""" if self.did_data_change() and not GrampsKeys.get_dont_ask(): - n = "%s" % self.nd.display(self.person) + n = "%s" % escape(self.nd.display(self.person)) SaveDialog(_('Save changes to %s?') % n, _('If you close without saving, the changes you ' 'have made will be lost'), @@ -1263,7 +1264,7 @@ class EditPerson: """If the data has changed, give the user a chance to cancel the close window""" if self.did_data_change() and not GrampsKeys.get_dont_ask(): - n = "%s" % self.nd.display(self.person) + n = "%s" % escape(self.nd.display(self.person)) SaveDialog(_('Save Changes to %s?') % n, _('If you close without saving, the changes you ' 'have made will be lost'), @@ -2000,8 +2001,8 @@ class EditPerson: def write_primary_name(self): # initial values - name = '%s' % self.nd.display(self.person) - self.top.get_widget("activepersonTitle").set_text(name) + name = '%s' % escape(self.nd.display(self.person)) + self.top.get_widget("activepersonTitle").set_text( name) self.top.get_widget("activepersonTitle").set_use_markup(True) self.suffix.set_text(self.pname.get_suffix()) if self.use_patronymic: diff --git a/gramps2/src/EventEdit.py b/gramps2/src/EventEdit.py index e34af7064..65754ca25 100644 --- a/gramps2/src/EventEdit.py +++ b/gramps2/src/EventEdit.py @@ -28,6 +28,7 @@ from gettext import gettext as _ import sets import gc +from cgi import escape #------------------------------------------------------------------------- # @@ -117,7 +118,7 @@ class EventEditor: if name == ", ": etitle = _('Event Editor') else: - etitle = _('Event Editor for %s') % name + etitle = _('Event Editor for %s') % escape(name) Utils.set_titles(self.window,title_label, etitle, _('Event Editor')) diff --git a/gramps2/src/Marriage.py b/gramps2/src/Marriage.py index d305ecec5..a0ec0a7de 100644 --- a/gramps2/src/Marriage.py +++ b/gramps2/src/Marriage.py @@ -28,6 +28,7 @@ import cPickle as pickle from gettext import gettext as _ import sets +from cgi import escape #------------------------------------------------------------------------- # @@ -147,8 +148,8 @@ class Marriage: father = self.db.get_person_from_handle(fid) mother = self.db.get_person_from_handle(mid) - self.title = _("%s and %s") % (NameDisplay.displayer.display(father), - NameDisplay.displayer.display(mother)) + self.title = _("%s and %s") % (escape(NameDisplay.displayer.display(father)), + escape(NameDisplay.displayer.display(mother))) Utils.set_title_label(self.top,self.title) diff --git a/gramps2/src/NameEdit.py b/gramps2/src/NameEdit.py index ace962ae7..f78e09c44 100644 --- a/gramps2/src/NameEdit.py +++ b/gramps2/src/NameEdit.py @@ -27,6 +27,7 @@ #------------------------------------------------------------------------- from gettext import gettext as _ import gc +from cgi import escape #------------------------------------------------------------------------- # @@ -127,7 +128,7 @@ class NameEditor: if full_name == "": tmsg = _("Name Editor") else: - tmsg = _("Name Editor for %s") % full_name + tmsg = _("Name Editor for %s") % escape(full_name) Utils.set_titles(self.window, alt_title, tmsg, _('Name Editor')) diff --git a/gramps2/src/PedView.py b/gramps2/src/PedView.py index be98bf7a0..b6965c811 100644 --- a/gramps2/src/PedView.py +++ b/gramps2/src/PedView.py @@ -26,6 +26,7 @@ # #------------------------------------------------------------------------- from gettext import gettext as _ +from cgi import escape #------------------------------------------------------------------------- # @@ -678,9 +679,9 @@ class PedigreeView: child_menu = item.get_submenu() if find_children(self.db,child): - label = gtk.Label('%s' % NameDisplay.displayer.display(child)) + label = gtk.Label('%s' % escape(NameDisplay.displayer.display(child))) else: - label = gtk.Label(NameDisplay.displayer.display(child)) + label = gtk.Label(escape(NameDisplay.displayer.display(child))) child_item = gtk.MenuItem(None) label.set_use_markup(True) @@ -712,9 +713,9 @@ class PedigreeView: par_menu = item.get_submenu() if find_parents(self.db,par): - label = gtk.Label('%s' % NameDisplay.displayer.display(par)) + label = gtk.Label('%s' % escape(NameDisplay.displayer.display(par))) else: - label = gtk.Label(NameDisplay.displayer.display(par)) + label = gtk.Label(escape(NameDisplay.displayer.display(par))) par_item = gtk.MenuItem(None) label.set_use_markup(True) diff --git a/gramps2/src/UrlEdit.py b/gramps2/src/UrlEdit.py index ab448b56b..5c9920741 100644 --- a/gramps2/src/UrlEdit.py +++ b/gramps2/src/UrlEdit.py @@ -27,6 +27,7 @@ #------------------------------------------------------------------------- from gettext import gettext as _ import gc +from cgi import escape #------------------------------------------------------------------------- # @@ -74,7 +75,7 @@ class UrlEditor: if not name or name == ", ": etitle =_('Internet Address Editor') else: - etitle =_('Internet Address Editor for %s') % name, + etitle =_('Internet Address Editor for %s') % escape(name), Utils.set_titles(self.window,title_label, etitle,