Cyclone-Team/gramps
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* src/DataViews/_RelationView.py: Escape XML special chars

Browse Source 
svn: r7789
This commit is contained in:
Martin Hawlisch 2006-12-12 12:05:19 +00:00
parent f2aa3cbd29
commit 964c65b895
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/DataViews/_RelationView.py
View File

@ -812,17 +812,17 @@ class RelationshipView(PageView.PersonNavView):
birth = ReportUtils.get_birth_or_fallback(self.dbstate.db, child) birth = ReportUtils.get_birth_or_fallback(self.dbstate.db, child)
if birth and birth.get_type != RelLib.EventType.BIRTH: if birth and birth.get_type != RelLib.EventType.BIRTH:
bdate = "<i>%s</i>" % DateHandler.get_date(birth) bdate = "<i>%s</i>" % cgi.escape(DateHandler.get_date(birth))
elif birth: elif birth:
bdate = DateHandler.get_date(birth) bdate = cgi.escape(DateHandler.get_date(birth))
else: else:
bdate = "" bdate = ""
death = ReportUtils.get_death_or_fallback(self.dbstate.db, child) death = ReportUtils.get_death_or_fallback(self.dbstate.db, child)
if death and death.get_type != RelLib.EventType.DEATH: if death and death.get_type != RelLib.EventType.DEATH:
ddate = "<i>%s</i>" % DateHandler.get_date(death) ddate = "<i>%s</i>" % cgi.escape(DateHandler.get_date(death))
elif death: elif death:
ddate = DateHandler.get_date(death) ddate = cgi.escape(DateHandler.get_date(death))
else: else:
ddate = "" ddate = ""