Two problems with this:

  {{if len(post.content) > 500:}}
        {{=XML(post.content[0:500])}} [ read more ]
  {{else:}}
        {{=XML(post.content)}}
  {{pass}}

1) XML(post.content) is vulnerable to XSS injections. Do
XML(post.content,sanitize=True) instead.

2) XML(post.content[0:500]) may (and will) truncate some tags. What if,
for example, post.content[0:500]='bla bla ... bla <a href="http'? It
will mess up your page very badly. sanitize=True will fix the problem
in this case, but the output will not look as nice as you'd expect.


On Jan 6, 5:47 am, Leandro - ProfessionalIT <[email protected]>
wrote:
> >   To solve this problem I thought of two solutions:
>
> >   1) Break the post in determined number of the words, but this has a
> > problem:
> >      - Break the formatting of my index page.
>
> >      I implemented this to test but as the content field is a field
> > that accepts html tags if I put a "read more" in 50 words and this
> > occurs before closing a tag </pre> eg just breaking the layout of the
> > page.
>
>   My implementation in the "for" that iterate in posts list:
>
>   {{if len(post.content) > 500:}}
>         {{=XML(post.content[0:500])}} [ read more ]
>   {{else:}}
>         {{=XML(post.content)}}
>   {{pass}}
>
> >   2) Implement/put a "special tag" [more] for example in the field
> > content of the post, and in the page filter to stop the post in this
> > tag. (Think that this is the "best idea", but I don't know how to do
> > this)
>
> >   Then, what is the best way to do this? any suggestion or idea?
>
> >   -- Leandro.
>
>
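One way to cut an excerpt without slicing through a tag, as an added example that is not part of the original thread or of web2py: a standard-library parser re-emits the markup until 500 text characters have been written, then closes whatever is still open. The names `truncate_html` and `_Truncator` are hypothetical, and the function does not sanitize, so the excerpt is still meant to go through `XML(..., sanitize=True)` in the view.

```python
from html import escape
from html.parser import HTMLParser

VOID = {"br", "hr", "img", "input", "meta", "link"}  # tags with no closing tag


class _Truncator(HTMLParser):
    """Re-emit markup until `limit` characters of text have been written."""

    def __init__(self, limit):
        super().__init__(convert_charrefs=True)
        self.limit, self.done = limit, False
        self.out, self.open_tags = [], []

    def handle_starttag(self, tag, attrs):
        if self.done:
            return
        rendered = "".join(
            ' %s="%s"' % (k, escape(v or "", quote=True)) for k, v in attrs
        )
        self.out.append("<%s%s>" % (tag, rendered))
        if tag not in VOID:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if self.done or tag not in self.open_tags:
            return
        while self.open_tags:  # also closes tags left open inside this one
            top = self.open_tags.pop()
            self.out.append("</%s>" % top)
            if top == tag:
                break

    def handle_data(self, data):
        if self.done:
            return
        self.out.append(escape(data[: self.limit], quote=False))
        self.limit -= len(data)
        self.done = self.limit <= 0  # text budget used up: ignore the rest

    # Not a sanitizer: tags and attributes pass through unchanged.


def truncate_html(html, limit=500):
    """Return (excerpt, limit_reached); the excerpt never ends inside a tag."""
    parser = _Truncator(limit)
    parser.feed(html)
    parser.close()
    closing = "".join("</%s>" % t for t in reversed(parser.open_tags))
    return "".join(parser.out) + closing, parser.done
```

In the view, the second return value decides whether to print the "[ read more ]" link.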