subject:"\[Zope\] html_quote in python methods\?"

Re: [Zope] html_quote in python methods?

2001-01-03 Thread Jim Washington


Thanks, Andy, Dieter, Chris, Evan for the discussion

What I ended up doing was making a DTML Method called
htmlquote_newlineToBr that looks like:



then calling it from a Python Method like so:

hqnl = self.htmlquote_newlineToBr
myitem=self.fixedLoc['varLoc1']['varLoc2']

print ''
print '%s' % hqnl(theitem=myitem.property1)
print ''

It turned out to be a bit better code than I thought I wanted :)

-- Jim Washington

> - Original Message -
> From: "Jim Washington" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, January 02, 2001 6:32 AM
> Subject: [Zope] html_quote in python methods?
> 
> > I am using Python Methods a lot now.
> >
> > Good:
> > no more  to get to the objects I need. Yay!
> > no more worrying about closing blocks. Yay!
> >
> > OK, when I make a syntax error, there is no help in the traceback.  My
> > Python is getting better and better as a result.
> >
> > To give something back, I have a hint that took me a while to figure
> > out:
> >
> > print '%s' % (self.thevariable)
> > will not work.  The first % needs to be escaped like so:
> >
> > print '%s' % (self.thevariable)
> >
> > Now, can I use html_quote in a Python Method?  I am letting people enter
> > data for redisplay, and I know some Bozo (TM) will somehow put in
> > ""
> > and break the page.
> >
> > Can I keep this from happening?  html_quote does not seem to be in the
> > Python Method namespace.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers

Evan Simpson wrote:
> 
> From: Chris Withers <[EMAIL PROTECTED]>
> > 
> 
> Well, in Python Scripts at least, you can do::
> 
>   from Products.PythonScripts.standard import special_formats

Hmmm... can you do something similar to perform an XML-RPC call into
another Zope instance?

cheers,

Chris

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Evan Simpson


From: Chris Withers <[EMAIL PROTECTED]>
> 

Well, in Python Scripts at least, you can do::

  from Products.PythonScripts.standard import special_formats
  url_quote = special_formats['url-quote']
  return url_quote("")

It's not great, but it's something.

Cheers,

Evan @ digicool & 4-am


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Erik Enge


[Chris Withers]

| Even if it did, what harm would it do?

Denial of Service attacks was what I though of.  But it's a non-issue
I guess.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Erik Enge


[Chris Withers]

| 

What about security issues?  Wouldn't this also allow those methods to
be called TTW by any user?

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers

Erik Enge wrote:
> 
> [Chris Withers]
> 
> | 
> 
> What about security issues?  Wouldn't this also allow those methods to
> be called TTW by any user?

No.

Even if it did, what harm would it do?

cheers,

Chris

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Morten W. Petersen


[Chris Withers]

| I'll second this. It'd be _so_ nice...
| 
| ever wanted to do:
| 
| 

I totally agree.

-Morten

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Chris Withers

Dieter Maurer wrote:
> 
> Jim Washington writes:
>  > Can I keep this from happening?  html_quote does not seem to be in the
>  > Python Method namespace.
> Please help lobbying that the functionality of all
> "dtml-var" attributes are exposed as standard functions.
> 
> The functions are there already, just not exposed to DTML
> and PythonScripts.

I'll second this. It'd be _so_ nice...

ever wanted to do:

:-)

Chris

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

[Zope] Lobbying (was: [Zope] html_quote in python methods?)

2001-01-03 Thread Dieter Maurer

Jim Washington writes:
 > Can I keep this from happening?  html_quote does not seem to be in the
 > Python Method namespace.
Please help lobbying that the functionality of all
"dtml-var" attributes are exposed as standard functions.

The functions are there already, just not exposed to DTML
and PythonScripts.

Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] html_quote in python methods?

2001-01-02 Thread Andy McKay


Can you do an import in python methods? Still have to install and play with
them. If so you can:

from DT_Util import html_quote

Theres probably a better way... as per DT_var.py

--
  Andy McKay, Developer.
  ActiveState.


- Original Message -
From: "Jim Washington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 02, 2001 6:32 AM
Subject: [Zope] html_quote in python methods?


> I am using Python Methods a lot now.
>
> Good:
> no more  to get to the objects I need. Yay!
> no more worrying about closing blocks. Yay!
>
> OK, when I make a syntax error, there is no help in the traceback.  My
> Python is getting better and better as a result.
>
> To give something back, I have a hint that took me a while to figure
> out:
>
> print '%s' % (self.thevariable)
> will not work.  The first % needs to be escaped like so:
>
> print '%s' % (self.thevariable)
>
> Now, can I use html_quote in a Python Method?  I am letting people enter
> data for redisplay, and I know some Bozo (TM) will somehow put in
> ""
> and break the page.
>
> Can I keep this from happening?  html_quote does not seem to be in the
> Python Method namespace.
>
> Regards,
>
> -- Jim Washington
>
> ___
> Zope maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

[Zope] html_quote in python methods?

2001-01-02 Thread Jim Washington


I am using Python Methods a lot now.

Good:
no more  to get to the objects I need. Yay!
no more worrying about closing blocks. Yay!

OK, when I make a syntax error, there is no help in the traceback.  My
Python is getting better and better as a result.

To give something back, I have a hint that took me a while to figure
out:

print '%s' % (self.thevariable)
will not work.  The first % needs to be escaped like so:

print '%s' % (self.thevariable)

Now, can I use html_quote in a Python Method?  I am letting people enter
data for redisplay, and I know some Bozo (TM) will somehow put in 
""
and break the page.

Can I keep this from happening?  html_quote does not seem to be in the
Python Method namespace.

Regards,

-- Jim Washington

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] html_quote in python methods?

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] Lobbying (was: [Zope] html_quote in python methods?)

[Zope] Lobbying (was: [Zope] html_quote in python methods?)

Re: [Zope] html_quote in python methods?

[Zope] html_quote in python methods?

11 matches

Site Navigation

Mail list logo

Footer information