Hi All,
I emailed Yariv about an enhancement that I ported over from openacs's
templating system. It's essentially about how you display variables in
a safe consistent concise way. e.g.
## BEFORE
<%@ album({Title, Artist, Songs})
%>
Title: <b><% Title %></
b><br>
Artist: <b><% Artist %></
b><br>
Songs:
<br>
<table>
<% [song(Number, Name) || {Number, Name} <- Songs]
%>
</table>
can now be written as:
## AFTER
<%@ album({Title, Artist, Songs})
%>
Title: <b><@Title@</
b><br>
Artist: <b><@Artist@></
b><br>
Songs:
<br>
<table>
<% [song(Number, Name) || {Number, Name} <- Songs] %>
Essentially any variable declared as as @Var;opt1,opt2@ is changed to <
% render_val(Var,[opt1,opt2]) %> and then follows normal ertl
processing
ertl:render_val will
1) Translate strings,numbers,binary etc into output types suitable for
display automatically - no doing integer_to_string or any of that sort
2) Safer - having special syntax means that Ithe contents of the var
can be cleaned (you can off course turn off this option (see below).
Openacs was awesome at how much it did for you in terms of security -
imagine if the Title contained malicious html tags/script code?
## How is this implemented?
Essentially any variable declared as as @Var;opt1,opt2@ is changed to <
% render_val(Var,[opt1,opt2]) %> and then follows normal ertl
processing
I have already implemented some options. You can currently
do:
<B>@Title@</B> prints out a safe version of the Title
Variable
Options already
supported:
<B>@Title;noquote@</B> - don't quote the
string
<B>@Title;urlescape@</B> - escape the string for using in HREF
urls
<B>@Title;raw@</B> - print out the raw term - so you can print out
raw represenations of the vars
Extending options can be done as
follows
<B>@Title;format,enUK@</B> - will require you to
implement
ertl: render_val(Val,[format,Locale]) -
>
in the ertl code.
### Where is the code?
email me or yariv. We both have copy. I can alternative post it here
if ok by the group.
Hafeez
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"erlyweb" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/erlyweb?hl=en
-~----------~----~----~----~------~----~------~--~---
