[Zope] special characters
John Eikenberry
jae@kavi.com
Fri, 5 Mar 1999 10:52:13 -0800 (PST)
On Fri, 5 Mar 1999, Martijn Pieters wrote:
> At 00:24 05/03/99 , John Eikenberry wrote:
> >'manage_addProperty' calls various converters from ZPublisher.Converters
> >to format the properties values. Shouldn't html_quote be used when
> >formatting strings and text? This would be trivial to change. Would this
> >cause some problem I don't realize? If not, I'd like to add this to the
> >Collector for the next version.
> >
>
> Yes, because you sometimes (most of the time, really), want to have the raw
> input from the user. If you then use this raw input in HTML again, only
> *then* should you quote out any HTML. Besides, what if I want the data to
> be URL quoted? Or SQL quoted?
Yeah, I already figured out that the problem was actually in the
OFS/properties.dtml file (I moved over to the zope-dev list, as I realized
this thread really belongs there). In properties.dtml the 'string' type is
listed twice:
<!--#if "type in ('string', 'int', 'long', 'float', 'date')"-->
<input type="text" name="<!--#var id-->:<!--#var type-->" size="35"
value="<!--#var "_[id]"-->">
<!--#elif "type=='string'"-->
<input type="text" name="<!--#var id-->:string" size="35"
value="<!--#var "_[id]" html_quote-->">
'string' needs to be removed from that first list. I'll be submitting this
to the Collector.
---
John Eikenberry
[jae@kavi.com - http://taos.kavi.com/~jae/]
______________________________________________________________
"A society that will trade a little liberty for a little order
will deserve neither and lose both."
--B. Franklin