On Fri, 29 Mar 2002, Jim Washington wrote:
Michel Vayssade wrote:
Inside a dtml I write back to the browser the previous content of a form with : <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]">" > all is good ... until somebody enter a text including double-quotes then dtml take the " in the text as the terminating quote
Hi, Michel I tend to use html_quote, e.g., <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]" html_quote>" > ========== Yes ! This do it ! It works fine. Thank you.
This escapes (entityizes) ordinary undesirable markup. It is particularly good if you have users who like to write cool stuff like '<table>'!
or </body></html> !! facetious users are the joy of the programmer !
-- Jim Washington
-- _/ _/ _/_/_/ _/_/ Michel.Vayssade@UTC.fr Service Informatique _/ _/ _/ _/ T:33/0-3.44.23.49.24 Universite de Technologie _/ _/ _/ _/ F:33/0-3.44.23.46.77 BP 20.529 60205 Compiegne _/_/ _/ _/_/ _ mv@utc.fr __/www.utc.fr/~vayssade____ France