[ZPT] CVS: Products/PageTemplates/help - tales-exists.stx:1.2 tales-path.stx:1.3 tales-python.stx:1.3 tales-string.stx:1.2 tales.stx:1.4
Amos Latteier
amos@zope.com
Mon, 1 Oct 2001 22:02:42 -0400
Update of /cvs-repository/Products/PageTemplates/help
In directory cvs.zope.org:/tmp/cvs-serv23786
Modified Files:
tales-exists.stx tales-path.stx tales-python.stx
tales-string.stx tales.stx
Log Message:
typo fixes and added examples to TALES docs
=== Products/PageTemplates/help/tales-exists.stx 1.1 => 1.2 ===
Note that in this case you can't use the expression,
- "not:request/form/number", since that expression will be true if
+ 'not:request/form/number', since that expression will be true if
the 'number' variable exists and is zero.
=== Products/PageTemplates/help/tales-path.stx 1.2 => 1.3 ===
built-ins in Python; They are always available, but they can be
shadowed by a global or local variable declaration. You can always
- access the built-in names explicitely by prefixing them with
+ access the built-in names explicitly by prefixing them with
*CONTEXTS*. (e.g. CONTEXTS/root, CONTEXTS/nothing, etc).
Examples
=== Products/PageTemplates/help/tales-python.stx 1.2 => 1.3 ===
Security Restrictions
- XXX
+ Python expressions are subject to the same security restrictions
+ as Python-based scripts. These restrictions include:
+
+ loop limits -- Python expressions cannot create infinite loops.
+
+ import limits -- Python expressions can only access some Python
+ modules. See below for details.
+
+ access limits -- Python expressions are subject to Zope
+ permission and role security restrictions. In addition,
+ expressions cannot access objects whose names begin with
+ underscore.
+
+ write limits -- Python expressions cannot change attributes of
+ Zope objects.
+
+ Despite these limits malicious Python expressions can cause
+ problems. See The Zope Book for more information.
Built-in Functions
@@ -32,9 +49,9 @@
keep them from generating very large numbers and sequences. This
limitation helps protect against denial of service attacks.
- In addition, these DTML utility functions are available:
- 'DateTime', 'test', 'namespace', 'render'. See XXX for more
- information on these functions.
+ In addition, these utility functions are available: 'DateTime',
+ 'test', 'same_type'. See XXX for more information on these
+ functions.
Finally, these functions are available in Python expressions,
but not in Python-based scripts:
@@ -53,13 +70,25 @@
Python Modules
- string -- XXX
+ A number of Python modules are available by default. You can
+ make more modules available. See XXX for more information. You
+ can access modules either via path expressions (for example
+ 'modules/string/join') or in Python with the 'modules' mapping
+ object (for example 'modules["string"].join'). Here are the
+ default modules:
+
+ 'string' -- The standard "Python string
+ module":http://www.python.org/doc/current/lib/module-string.html. Note:
+ most of the functions in the module are also available as
+ methods on string objects.
- random -- XXX
+ 'random' -- The standard "Python random
+ module":http://www.python.org/doc/current/lib/module-random.html.
- math -- XXX
+ 'math' -- The standard "Python math
+ module":http://www.python.org/doc/current/lib/module-math.html.
- Products.PythonScripts.standard -- XXX
+ 'Products.PythonScripts.standard' -- XXX
ZPTUtils.* -- XXX
@@ -67,7 +96,30 @@
Examples
- XXX
+ Basic module usage::
+
+ <span tal:replace="python:modules['random'].choice(['one',
+ 'two', 'three', 'four', 'five'])">
+ a random number between one and five
+ </span>
+
+ String processing (capitalize the user name)::
+
+ <p tal:content="python:user.getUserName().capitalize()">
+ User Name
+ </p>
+
+ Basic math (convert image size to mega bytes)::
+
+ <p tal:content="python:image.getSize() / 1048576.0">
+ 12.2323
+ </p>
+
+ String formatting (format a float to two decimal places)::
+
+ <p tal:content="python:'%0.2f' % size">
+ 13.56
+ </p>
See Also
=== Products/PageTemplates/help/tales-string.stx 1.1 => 1.2 ===
Examples
- XXX
\ No newline at end of file
+ Basic string formatting::
+
+ <span tal:replace="string:$this and $that">
+ this and that
+ </span>
+
+ Variables with longer paths::
+
+ <p tal:content="total: ${request/form/total}">
+ total: 12
+ </p>
+
+ Including a dollar sign::
+
+ <p tal:content="cost: $$$cost">
+ cost: $42.00
+ </p>
=== Products/PageTemplates/help/tales.stx 1.3 => 1.4 ===
The *Template Attribute Language Expression Syntax* (TALES) standard
- describes expressions that suppy "TAL":tal.stx and "METAL":metal.stx
- with data. TALES is *one* possible expression syntax for these
- languages, but they are not bound to this definition. Similarly,
- TALES could be used in a context having nothing to do with TAL or
- METAL.
+ describes expressions that supply "TAL":tal.stx and
+ "METAL":metal.stx with data. TALES is *one* possible expression
+ syntax for these languages, but they are not bound to this
+ definition. Similarly, TALES could be used in a context having
+ nothing to do with TAL or METAL.
TALES expressions are described below with any delimiter or quote
markup from higher language layers removed. Here is the basic
@@ -72,7 +72,7 @@
attributes of the current statement tag.
- *CONTEXTS* - the list of standard names (this list). This can be
- used to access a builtin variable that has been hidden by a local
+ used to access a built-in variable that has been hidden by a local
or global variable with the same name.
- *root* - the system's top-most object. In Zope this corresponds
@@ -100,7 +100,9 @@
See Also
- "TAL overview":tal.stx
+ "TAL Overview":tal.stx
+
+ "METAL Overview":metal.stx
"exists":tales-exists.stx expressions