Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Escape xml characters in composer template string replacement
  • Loading branch information
Marco Hugentobler committed Sep 28, 2012
1 parent 3c5cb06 commit 3a1c9ef
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 4 deletions.
19 changes: 15 additions & 4 deletions src/core/composer/qgscomposition.cpp
Expand Up @@ -206,13 +206,13 @@ const QgsComposerHtml* QgsComposition::getComposerHtmlByItem( QgsComposerItem *i
// an html item will be a composer frame and if it is we can try to get
// its multiframe parent and then try to cast that to a composer html
const QgsComposerFrame* composerFrame =
dynamic_cast<const QgsComposerFrame *>( item );
dynamic_cast<const QgsComposerFrame *>( item );
if ( composerFrame )
{
const QgsComposerMultiFrame * mypMultiFrame = composerFrame->multiFrame();
const QgsComposerHtml* composerHtml =
dynamic_cast<const QgsComposerHtml *>( mypMultiFrame );
if (composerHtml)
dynamic_cast<const QgsComposerHtml *>( mypMultiFrame );
if ( composerHtml )
{
return composerHtml;
}
Expand Down Expand Up @@ -377,7 +377,7 @@ bool QgsComposition::loadFromTemplate( const QDomDocument& doc, QMap<QString, QS
QMap<QString, QString>::const_iterator sIt = substitutionMap->constBegin();
for ( ; sIt != substitutionMap->constEnd(); ++sIt )
{
xmlString = xmlString.replace( "[" + sIt.key() + "]", sIt.value() );
xmlString = xmlString.replace( "[" + sIt.key() + "]", encodeStringForXML( sIt.value() ) );
}
importDoc.setContent( xmlString );
}
Expand Down Expand Up @@ -1570,3 +1570,14 @@ void QgsComposition::renderPage( QPainter* p, int page )

mPlotStyle = savedPlotStyle;
}

QString QgsComposition::encodeStringForXML( const QString& str )
{
QString modifiedStr( str );
modifiedStr.replace( "&", "&amp;" );
modifiedStr.replace( "\"", "&quot;" );
modifiedStr.replace( "'", "&apos;" );
modifiedStr.replace( "<", "&lt;" );
modifiedStr.replace( ">", "&gt;" );
return modifiedStr;
}
2 changes: 2 additions & 0 deletions src/core/composer/qgscomposition.h
Expand Up @@ -343,6 +343,8 @@ class CORE_EXPORT QgsComposition: public QGraphicsScene
void removePaperItems();
void deleteAndRemoveMultiFrames();

static QString encodeStringForXML( const QString& str );

signals:
void paperSizeChanged();
void nPagesChanged();
Expand Down

0 comments on commit 3a1c9ef

Please sign in to comment.