Hi, Inside a dtml I write back to the browser the previous content of a form with : <input type="text" size="20" name="<dtml-var "lesattr[index]">" class="form-element" value="<dtml-var "lesvals[index]">" > <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]">" > all is good ... until somebody enter a text including double-quotes then dtml take the " in the text as the terminating quote how can I deal with these embeded quotes ? -- _/ _/ _/_/_/ _/_/ Michel.Vayssade@UTC.fr Service Informatique _/ _/ _/ _/ T:33/0-3.44.23.49.24 Universite de Technologie _/ _/ _/ _/ F:33/0-3.44.23.46.77 BP 20.529 60205 Compiegne _/_/ _/ _/_/ _ mv@utc.fr __/www.utc.fr/~vayssade____ France
----- Original Message ----- From: "Michel Vayssade" <michel.vayssade@utc.fr> To: <zope@zope.org> Sent: Friday, March 29, 2002 12:34 Subject: [Zope] quotes
Hi,
Inside a dtml I write back to the browser the previous content of a form with : <input type="text" size="20" name="<dtml-var "lesattr[index]">" class="form-element" value="<dtml-var "lesvals[index]">" >
<input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]">" >
all is good ... until somebody enter a text including double-quotes then dtml take the " in the text as the terminating quote
how can I deal with these embeded quotes ?
a) slap the user b) replace the all quotes by _.chr(34) -aj
Michel Vayssade wrote:
Hi,
Inside a dtml I write back to the browser the previous content of a form with : <input type="text" size="20" name="<dtml-var "lesattr[index]">" class="form-element" value="<dtml-var "lesvals[index]">" >
<input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]">" >
all is good ... until somebody enter a text including double-quotes then dtml take the " in the text as the terminating quote
how can I deal with these embeded quotes ?
Hi, Michel I tend to use html_quote, e.g., <input type="text" size="20" name="<dtml-var "lesattr[index]">" class="form-element" value="<dtml-var "lesvals[index]" html_quote>" > <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]" html_quote>" > This escapes (entityizes) ordinary undesirable markup. It is particularly good if you have users who like to write cool stuff like '<table>'! -- Jim Washington
On Fri, 29 Mar 2002, Jim Washington wrote:
Michel Vayssade wrote:
Inside a dtml I write back to the browser the previous content of a form with : <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]">" > all is good ... until somebody enter a text including double-quotes then dtml take the " in the text as the terminating quote
Hi, Michel I tend to use html_quote, e.g., <input type="text" size="50" name=txt<dtml-var sequence-index> class="form-element" value="<dtml-var "lisvals[_['sequence-index']][0]" html_quote>" > ========== Yes ! This do it ! It works fine. Thank you.
This escapes (entityizes) ordinary undesirable markup. It is particularly good if you have users who like to write cool stuff like '<table>'!
or </body></html> !! facetious users are the joy of the programmer !
-- Jim Washington
-- _/ _/ _/_/_/ _/_/ Michel.Vayssade@UTC.fr Service Informatique _/ _/ _/ _/ T:33/0-3.44.23.49.24 Universite de Technologie _/ _/ _/ _/ F:33/0-3.44.23.46.77 BP 20.529 60205 Compiegne _/_/ _/ _/_/ _ mv@utc.fr __/www.utc.fr/~vayssade____ France
participants (3)
-
Andreas Jung -
Jim Washington -
Michel Vayssade