Thanks Anthony, I had to move all the web2py tags out of the static util.js
and I put them in <script> inside the view html. The quotes was the problem.
I can call my controller now and I see the json that was passed to it,
which is great.
The current views code now looks like this:
<script>
$(document).ready(function() {
$('#additem').click(function() {
var url = '{{=URL('default', 'add_item')}};
add_item(url, {{=item.id}}, 1);
}
</script>
<a href="" id="additem">Add Me</a>
I have two questions now:
1. For some reason every click results in a javascript alert saying that it
Failed, even though I can successfully do stuff with the data in the
controller. Is there some sort of code I'm supposed to return through the
controller to let jquery know that it's been successful?
2. To be safe, I'll sanitize the expected integers like so:
def add_item():
# get json data as 'data' ...
item_id = int(data['test']['item_id'])
other_data = int(data['test']['some_detail'])
# Insert that item_id and other_data into db...
But if I expected a string, how would I sanitize that string before
using it to do something with the database? Is there a safe practice for
this type of approach of getting data from json?
On Monday, May 6, 2013 2:26:02 PM UTC-4, Anthony wrote:
>
>
> <a href="" id="additem" onclick="add_item({{=URL('default', 'add_item')}},
>> {{item.id}}, 1);">Add Me</a>
>>
>
> Again, you're going to need quotes around that URL:
>
> <a href="" id="additem" onclick="add_item('{{=URL('default', 'add_item
> ')}}', {{item.id}}, 1);">Add Me</a>
>
> Anthony
>
>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
