I want to use html_quote as a function - Zope - Zope lists

I want to use html_quote as a function

older
About your ShareWare

Soren Roug

16 Oct 2000 16 Oct '00

9:39 a.m.

Hi, I can render text that potentially has html in it safely with <dtml-var description html_quote> but what if I want to assign the quoted result to another variable. I tried <dtml-call "REQUEST.set('htmldesc',html_quote(REQUEST['description']))"> It didn't work. How do I solve this problem? Sincerely yours, Soren Roug

Reply

Sign in to reply online Use email software

Show replies by date

Ryan M. Dolensek

16 Oct 16 Oct

4:01 p.m.

New subject: [Zope] I want to use html_quote as a function

try... <dtml-call "REQUEST.set('htmldesc',utils.httpEscapedString(REQUEST['description']))"> ryan Soren Roug wrote:

Hi,

I can render text that potentially has html in it safely with

<dtml-var description html_quote>

but what if I want to assign the quoted result to another variable.

I tried

<dtml-call "REQUEST.set('htmldesc',html_quote(REQUEST['description']))">

It didn't work. How do I solve this problem?

Sincerely yours,

Soren Roug

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )

-- Ryan Dolensek Software Engineer Global Crossing (920)405-4812 rdolense@globalcrossing.com

Reply

Sign in to reply online Use email software

Kapil Thangavelu

9:34 p.m.

New subject: [Zope] I want to use html_quote as a function

Hello, "Ryan M. Dolensek" wrote:

try...

<dtml-call "REQUEST.set('htmldesc',utils.httpEscapedString(REQUEST['description']))">

huh??, what is this, i'm not aware of anything resembling this being in zope's core, i think you are using some type of custom lib. if not i'd like to hear about it?

ryan

Soren Roug wrote:

...
Hi,

I can render text that potentially has html in it safely with

<dtml-var description html_quote>

but what if I want to assign the quoted result to another variable.

I tried

<dtml-call "REQUEST.set('htmldesc',html_quote(REQUEST['description']))">

It didn't work. How do I solve this problem?

the html_quote of dtml-var is done on rendering so you really can't capture the variable in a transformed state. the solution is to roll your own pythonmethod. here's one to the trick. html_encode ttw python method PARAMETERS: text BODY string = _.string character_entities={"'&'":"&","<":"<", "'>'":">","\213": '<', "\233":'>','"':"""} text=str(text) for re,name in character_entities.items(): if string.find(text, re) >= 0: text=string.join(string.split(text,re),name) return text /END BODY so for your example you would do <dtml-call "REQUEST.set('htmldesc', html_encode(description))"> qualifying description if you need to. cheers kapil

Reply

Sign in to reply online Use email software

9303

Age (days ago)

9303

Last active (days ago)

2 comments

3 participants

tags

participants (3)

Kapil Thangavelu
Ryan M. Dolensek
Soren Roug