Can you post some code? Using your own SQLFORM will produce the same results as appadmin when creating and editing a record (appadmin also uses SQLFORM).
Note, by default, any content you write directly to the page in the view is escaped, so any HTML tags will be escaped and displayed as literals rather than interpreted as HTML. To prevent content from being escaped, you have to wrap it in XML() (see http://web2py.com/books/default/chapter/29/5#XML). Be careful about that -- if you fail to escape content submitted by general users, you'll have a cross-site scripting vulnerability ( http://en.wikipedia.org/wiki/Cross-site_scripting). Anthony On Friday, May 25, 2012 4:35:30 AM UTC-4, Cédric Mayer wrote: > > Hello ! > I have a table with "text" fields: > Field('f_comments', type='text', > label=T('Comment')), > or even: > Field('f_form', type='text', > label=T('Form'), comment=T('Please write HTML here')), > Using appadmin interface, if I use an apostrophe " ' " inside the textarea > fields and submit the record form, the apostrophe saved, and if I display > the appadmin form for the same record again, they are displayed inside the > textarea fields. > > But creating my own form: > form = SQLFORM(db.t_question, record, deletable=True) > apostrophes " ' " do not appear anymore. > > I did some copy-paste of what was inside my own textarea to an hexadecimal > editor, and the apostrophe are replaced with the # 27 (hexa 1B) character > in the case of my own form. > > If I save the form as-is, this 1B character is saved too, and so the > apostrophe disappears also if I look to the record from the appadmin > interface. > > It is really anoying as I use the content of the fields as pure HTML > afterwards : not having apostrophes leads to errors if I try to have some > Javascript in those fields. > > 1) What is the difference between the form generated in appadmin, and the > one generated by SQLFORM ? > 2) Is there a way not to escape " ' " in text fields ? >
