sequence / int handling (DTML)
I have a DTML page where users can choose location(s) to link to a hypothesis. So there's an HTML multiple selection field. I have code that calls SQL to insert multiple selections and code that calls the SQL insert for a single entry. My question is how do get Zope to differentiate between the two scenarios and use the appropriate code. It's some sort of <dtml-if > logic... This tag calls the SQL query to inset a single selection <dtml-call "queries.updateHypPlace()"> This code iterates through the sequence and calls the SQL to insert each one <dtml-in place prefix=obj> <dtml-call "queries.updateHypPlace(place=obj_item , huid=hid)"> </dtml-in> What I have in mind is <dtml-if ????> <dtml-call "queries.updateHypPlace()"> <dtml-else ????> <dtml-in place prefix=obj> <dtml-call "queries.updateHypPlace(place=obj_item , huid=hid)"> </dtml-in> </dtml-if> Suggestions? TIA, David
To test if place is a sequence, try: <dtml-if "_.hasattr(place, 'sort')"> HTH, Dylan On Tue, 2003-06-24 at 16:33, David Siedband wrote:
I have a DTML page where users can choose location(s) to link to a hypothesis. So there's an HTML multiple selection field. I have code that calls SQL to insert multiple selections and code that calls the SQL insert for a single entry. My question is how do get Zope to differentiate between the two scenarios and use the appropriate code. It's some sort of <dtml-if > logic...
This tag calls the SQL query to inset a single selection <dtml-call "queries.updateHypPlace()">
This code iterates through the sequence and calls the SQL to insert each one <dtml-in place prefix=obj> <dtml-call "queries.updateHypPlace(place=obj_item , huid=hid)"> </dtml-in>
What I have in mind is
<dtml-if ????> <dtml-call "queries.updateHypPlace()"> <dtml-else ????> <dtml-in place prefix=obj> <dtml-call "queries.updateHypPlace(place=obj_item , huid=hid)"> </dtml-in> </dtml-if>
Suggestions?
TIA,
David
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
David Siedband wrote at 2003-6-24 16:33 -0700:
I have a DTML page where users can choose location(s) to link to a hypothesis. So there's an HTML multiple selection field. I have code that calls SQL to insert multiple selections and code that calls the SQL insert for a single entry. My question is how do get Zope to differentiate between the two scenarios and use the appropriate code.
The easiest way is not to have two scenarios but a single one (a list). You can use the ":list" type suffix for your control variable. Details in <http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html> You can also use "_.same_type" to check the type of your variable. Sometimes, this might be necessary. In your special case, it would be suboptimal. Dieter
Dieter's right, of course, but that's not the whole story. You can, in fact, embed suffixes like ":list" to control how variables are collected by Zope. Doing so, however, gives clients a greater degree of control over whether your application functions properly. Worse, it encourages taking shortcuts in the one area you should probably be putting more effort: data validation. If you use this as Dieter suggests, you're only prepared for one case: that your data arrives pre-formatted into a list. If it arrives in any other form, your app may choke. Worse yet, it might not choke, but will function in some unintended way -- iterating over a string instead of a list, for example. The degree to which this matters will vary. IMO, any serious web app should be validating *everything* clients send before any action is taken on it. Assuming you're *doing* validation, the suffix trick is of dubious value... if you're not doing validation, you probably should be. Really, that doesn't leave a lot of useful problem space for the suffix trick to cover. I'd recommend against building "strong typing" kinds of assumptions into your applications. Such expectations are neither very dependable nor do they have much in common with Python best practices. That said, *lots* of people use this trick, including many of the smartest and most experienced among us. You'll be in good company if you use this trick... but I you'll have better apps if you don't. $.02, Dylan On Thu, 2003-06-26 at 15:43, Dieter Maurer wrote:
David Siedband wrote at 2003-6-24 16:33 -0700:
I have a DTML page where users can choose location(s) to link to a hypothesis. So there's an HTML multiple selection field. I have code that calls SQL to insert multiple selections and code that calls the SQL insert for a single entry. My question is how do get Zope to differentiate between the two scenarios and use the appropriate code.
The easiest way is not to have two scenarios but a single one (a list). You can use the ":list" type suffix for your control variable. Details in
<http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html>
You can also use "_.same_type" to check the type of your variable. Sometimes, this might be necessary. In your special case, it would be suboptimal.
Dieter
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Dylan Reinhardt wrote at 2003-6-27 11:28 -0700:
Dieter's right, of course, but that's not the whole story. .... IMO, any serious web app should be validating *everything* clients send before any action is taken on it.
I like web app's to view through the "Design by Contract" principle (like almost any other software). A web app fullfils a contract: When you (client) send me an URL of a given form, I will send back a response with some given properties. When the client does not fulfill its part of the deal (use the given form), the web app may do whatever it likes (though it should not damage itself or its data; thus, some security checks are needed).
Assuming you're *doing* validation, the suffix trick is of dubious value... if you're not doing validation, you probably should be. Really, that doesn't leave a lot of useful problem space for the suffix trick to cover.
It makes validation a bit easier. You know immediately, that anything which is not a list is bogus... Dieter
participants (3)
-
David Siedband -
Dieter Maurer -
Dylan Reinhardt