Mind the CDATA when xml-escaping variables

[dooley]

Can someone please explain why some chars in the vars-parameters are replaced by nik4 (line 157)? This way Postgresql throws an error, because the single quotes in the given sql-fragment are replaced by ' Are there any side-effects if we remove the single-quote replacement?

<Layer status="off" name="xxx" srs="+proj=longlat +ellps=WGS84 +datum=WGS84 +no_defs"> <StyleName>xxx</StyleName> <Datasource base="xxx"> <Parameter name="table"><![CDATA[(SELECT id, the_geom FROM xxx WHERE ST_Contains(${sql_poly}, the_geom)) as foo]]></Parameter> <Parameter name="key_field"><![CDATA[id]]></Parameter> <Parameter name="geometry_field"><![CDATA[the_geom]]></Parameter> </Datasource> </Layer> nik4.py --vars sql_poly="ST_GeomFromText('POLYGON((9.6101188659668 53.324516580827, 9.6933746337891 53.323081133135, 9.6933746337891 53.294875047878, 9.6104621887207 53.297440007518, 9.6101188659668 53.324516580827))',4326)" ...

[Zverik]

Well, it seems I xml-screen variables, so they don't break XML. I forgot about CDATA. You can fix this by either removing the CDATA frame, or (for now) removing the replacement from the code.

I'll add a check for CDATA a bit later.

[dooley]

I removed that replacing piece of code already on my local instance and so far have not seen any side-effects. But would be nice if we don't have to take care of this when installing on other machines.

And thanks for creating such a useful tool.