I have been using dtml to create dynamic JavaScripts for some forms I am creating. In doing this I came upon the standard problem of inserting strings containing double quotes into a JavaScript such as where title = '"Quoted String"': form.select.options[0].text = "<dtml-var title>"; And you wind up with this rendered: form.select.options[0].text = ""Quoted String""; I know there is the html_quote and sql_quote options to alleviate this problem elsewhere. From what I can figure there is no other quote fixing magic option for the above in the current dtml-var implementation. Perhaps an options could be added to dtml-var in the future to handle this; maybe something like "slash_quote". So that you get this rendered: form.select.options[0].text = "\"Quoted String\""; Just a thought. For now I am just going to convert all double quotes to single quotes automagically. I guess I could modify DT_var.py, but I know it'll get stomped the next time I upgrade my install. I guess I could submit my changed version for inclusion in a future release, how about that?
I have been using dtml to create dynamic JavaScripts for some forms I am creating. In doing this I came upon the standard problem of inserting strings containing double quotes into a JavaScript such as where title = '"Quoted String"':
form.select.options[0].text = "<dtml-var title>";
And you wind up with this rendered:
form.select.options[0].text = ""Quoted String"";
Given that, like Python, javascript accepts strings either single or double quoted, you could try using backquotes to escape the string: form.select.options[0].text = <dtml-var "`title`">; should (untested) give you: form.select.options[0].text = '"Quoted String"'; Provided title is a string, this will escape any quotes and, for that matter, unprintable characters, and wrap either single or double quotes round the outside. If title is a method then you need to call it first: <dtml-var "`title()`"> -- Duncan Booth duncan@dales.rmplc.co.uk int month(char *p){return(124864/((p[0]+p[1]-p[2]&0x1f)+1)%12)["\5\x8\3" "\6\7\xb\1\x9\xa\2\0\4"];} // Who said my code was obscure? http://dales.rmplc.co.uk/Duncan
Thanks, that works good. It also escapes any special characters in the string, an added bonus. The only case I found where a new format option would work better is if you use the dtml-var size option to limit the size of the string. I will continue to play with it and see what I come up with. Perhaps an option to back_quote should be added to dtml-var to eliminate somewhat hairy looking expressions like this (taken from my code): <dtml-var "`'(Back up to ' + title + ')'`"> I never thought I would use every type of quotation mark in a single expression! 8^) Thanks! -Casey D. -----Original Message----- From: Duncan Booth [mailto:duncan@rcp.co.uk] Sent: Monday, July 31, 2000 10:09 AM To: Casey Duncan; zope-dev@zope.org Subject: Re: [Zope-dev] dtml-var tag suggestion
I have been using dtml to create dynamic JavaScripts for some forms I am creating. In doing this I came upon the standard problem of inserting strings containing double quotes into a JavaScript such as where title = '"Quoted String"':
form.select.options[0].text = "<dtml-var title>";
And you wind up with this rendered:
form.select.options[0].text = ""Quoted String"";
Given that, like Python, javascript accepts strings either single or double quoted, you could try using backquotes to escape the string: form.select.options[0].text = <dtml-var "`title`">; should (untested) give you: form.select.options[0].text = '"Quoted String"'; Provided title is a string, this will escape any quotes and, for that matter, unprintable characters, and wrap either single or double quotes round the outside. If title is a method then you need to call it first: <dtml-var "`title()`"> -- Duncan Booth duncan@dales.rmplc.co.uk int month(char *p){return(124864/((p[0]+p[1]-p[2]&0x1f)+1)%12)["\5\x8\3" "\6\7\xb\1\x9\xa\2\0\4"];} // Who said my code was obscure? http://dales.rmplc.co.uk/Duncan
participants (2)
-
Casey Duncan -
Duncan Booth