Hi Jorge, On Jan 21, 11:24 am, Jorge Vargas <[email protected]> wrote: > On Wed, Jan 21, 2009 at 10:53 AM, Mike Driscoll <[email protected]> wrote: > > > Hi Chris, > > > On Jan 21, 5:59 am, Christopher Arndt <[email protected]> wrote: > >> Mike Driscoll schrieb: > > >> > I assume the sticking point is in Genshi. Right now it's using the > >> > following syntax: > > >> > <div py:replace="XML(content)">Formatted content goes here.</div> > > >> > What should I use instead of that to insert "real" formatted content? > > >> IMHO it's generally a bad idea to let a user enter text in HTML > >> directly. I would suggest utilizing a text based markup format like > >> textile or ReST (doesn't the 20-minute wiki already do that?) or some > >> kind of wysiwyg editor. > > >> Chris > > > If the 2.0 wiki demo does it, it's not documented. I don't recall the > > original 1.x version doing it either. And yes, I don't like the idea > > of letting users put in HTML either. I was using that description to > > get the ideas flowing. > > if you take a look at this > sectionhttp://turbogears.org/2.0/docs/main/Wiki20/wiki20.html#what-about-wik... > it talks about rest > > > > > I'm new to web programming, so I don't really know where to start. > > I'll have to think about this. > > then you will soon find out why that is a very bad security issue :) >
I already know why, but thanks anyway. I'm already implementing the security modules so that only people with the correct privileges will ultimately be the only ones who get to edit the pages. Mike --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
