Revision: 4050
Author: [email protected]
Date: Wed Jan 5 13:06:49 2011
Log: Properly escaping remark fields so users who use &, <, > and other XML
characters can still load files.
http://code.google.com/p/power-architect/source/detail?r=4050
Modified:
/trunk/src/main/java/ca/sqlpower/architect/swingui/SwingUIProjectLoader.java
=======================================
---
/trunk/src/main/java/ca/sqlpower/architect/swingui/SwingUIProjectLoader.java
Fri Dec 17 13:40:24 2010
+++
/trunk/src/main/java/ca/sqlpower/architect/swingui/SwingUIProjectLoader.java
Wed Jan 5 13:06:49 2011
@@ -1595,7 +1595,7 @@
String indicesFolder = null;
if (o instanceof SQLTable) {
SQLTable table = (SQLTable) o;
- ioo.println(out, "<remarks>" + table.getRemarks()
+ "</remarks>");
+ ioo.println(out, "<remarks>" +
SQLPowerUtils.escapeXML(table.getRemarks()) + "</remarks>");
String exception;
if
(table.getChildrenInaccessibleReason(SQLColumn.class) != null) {
exception = "sql-exception=\"" +
@@ -1638,7 +1638,7 @@
table.isIndicesPopulated() + "\" name=\"Indices\" " +
"physicalName=\"Indices\" " + exception
+ "type=\"4\">";
} else if (o instanceof SQLColumn) {
- ioo.println(out, "<remarks>" + ((SQLColumn)
o).getRemarks() + "</remarks>");
+ ioo.println(out, "<remarks>" +
SQLPowerUtils.escapeXML(((SQLColumn) o).getRemarks()) + "</remarks>");
}
while (children.hasNext()) {
SQLObject child = (SQLObject) children.next();
