[Zope] tree help!
Oliver Bleutgen
myzope@gmx.net
Wed, 09 Apr 2003 10:36:18 +0200
michael.taņag wrote:
> thanks! it works!
> of course, making it work doesn't satisfy me
> how it works makes me more satisfied.
> What's the "_[ ]" characters for? What do they do?
_[string] gets the object from the namespace (the "_"). I.e.
<dtml-var spam> is the same (more or less) as <dtml-var "_['spam']">.
There are some subtle differences though, which can be read up on the net.
> Why is it good practice to have html quote?
You want to rule out the possibility that someone could inject valid
html/javascript into your page, to prevent "Cross site scripting" attacks
(-> google) for instance.
cheers,
oliver
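
The two points in the reply above (the namespace lookup through "_" and the effect of html_quote), as an added example that is not part of the original post and is not Zope's own code. The render() function, the regular expression and the sample namespace are assumptions made for illustration; Python's html.escape stands in for Zope's html_quote, and only the tag forms mentioned in this thread are handled.

```python
import html
import re

# Matches only the forms used in this thread (a small subset of DTML):
#   <dtml-var spam>   <dtml-var "_['spam']">   <dtml-var spam html_quote>
DTML_VAR = re.compile(
    r"""<dtml-var\s+(?:"_\['(?P<expr>\w+)'\]"|(?P<name>\w+))(?P<quote>\s+html_quote)?\s*>"""
)


def render(template, namespace):
    """Substitute dtml-var tags from `namespace`, which stands in for "_"."""
    def substitute(match):
        # Both spellings end up as the same lookup in the namespace.
        key = match.group("expr") or match.group("name")
        value = str(namespace[key])
        if match.group("quote"):
            # html.escape is a stand-in for html_quote: markup characters
            # become entities, so the browser shows them as text.
            value = html.escape(value, quote=True)
        return value
    return DTML_VAR.sub(substitute, template)


# Constructed sample: a value that arrived from a visitor, e.g. a form field.
NAMESPACE = {"spam": "<script>alert(1)</script>"}

if __name__ == "__main__":
    for tpl in ('<p><dtml-var spam></p>',
                '<p><dtml-var "_[\'spam\']"></p>',
                '<p><dtml-var spam html_quote></p>'):
        print(tpl, "->", render(tpl, NAMESPACE))
```

Without html_quote the submitted value reaches the page as live markup; with it, the same value is rendered as harmless text.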