delete HTML Tags out of a form input
Hi I would like to delete HTML tags which may have been entred in to a form, before I store the value into a ZClass Instance .. My Idea was just to replace the '<' '>' characters with something less dangerous .. My code is: <dtml-let transtab="_.string.maketrans('><','**')"> <dtml-call "REQUEST.set('Message',_.string.translate(Message,transtab,'><'))"> </dtml-let> The problem is now, that it deletes the >< but it don't replace them with the * ... what is it, what am I doing wrong? Thanks for help Regards Stefan Mallepell
Stefan Mallepell wrote:
Hi
I would like to delete HTML tags which may have been entred in to a form, before I store the value into a ZClass Instance ..
Try searching the list archive for stripogram. Chris Withers posted some neat code to do this last week. Ivan
Stefan Mallepell wrote:
My code is: <dtml-let transtab="_.string.maketrans('><','**')"> <dtml-call "REQUEST.set('Message',_.string.translate(Message,transtab,'><'))"> </dtml-let>
The documentation for translate explains that the third argument, '><' in your case, is used to specify characters do be removed before the translation occurs. If you do like this...
"REQUEST.set('Message',_.string.translate(Message,transtab))">
...it should work. Regards, Luciano
Hi Luciano Thank you! Stefan PS.: I was reading the syntax about 10 times and it never made "klick" ... well may I should make sometimes a break ... ----- Original Message ----- From: "Luciano Ramalho" <luciano@hiper.com.br> To: "Stefan Mallepell" <steve@syso.ch> Cc: <zope@zope.org> Sent: Thursday, April 19, 2001 3:25 PM Subject: Re: [Zope] delete HTML Tags out of a form input
Stefan Mallepell wrote:
My code is: <dtml-let transtab="_.string.maketrans('><','**')"> <dtml-call "REQUEST.set('Message',_.string.translate(Message,transtab,'><'))"> </dtml-let>
The documentation for translate explains that the third argument, '><' in your case, is used to specify characters do be removed before the translation occurs. If you do like this...
"REQUEST.set('Message',_.string.translate(Message,transtab))">
...it should work.
Regards,
Luciano
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (3)
-
Ivan Cornell -
Luciano Ramalho -
Stefan Mallepell