[Zope] quotes
Jim Washington
jwashin@vt.edu
Fri, 29 Mar 2002 13:03:04 -0500
Michel Vayssade wrote:
>Hi,
>
>Inside a dtml I write back to the browser the previous content
>of a form with :
><input type="text" size="20"
> name="<dtml-var "lesattr[index]">"
> class="form-element" value="<dtml-var "lesvals[index]">" >
>
> <input type="text" size="50" name=txt<dtml-var sequence-index>
> class="form-element"
> value="<dtml-var "lisvals[_['sequence-index']][0]">" >
>
>all is good ... until somebody enter a text including double-quotes
>then dtml take the " in the text as the terminating quote
>
>how can I deal with these embeded quotes ?
>
Hi, Michel
I tend to use html_quote, e.g.,
<input type="text" size="20"
name="<dtml-var "lesattr[index]">"
class="form-element" value="<dtml-var "lesvals[index]" html_quote>" >
<input type="text" size="50" name=txt<dtml-var sequence-index>
class="form-element"
value="<dtml-var "lisvals[_['sequence-index']][0]" html_quote>" >
This escapes (entityizes) ordinary undesirable markup. It is
particularly good if you have users who like to write cool stuff like
'<table>'!
-- Jim Washington