[web2py] Re: apostrophe in db and text area

Fri, 25 May 2012 07:40:35 -0700 

I think I found something !
" ' " can be replaced by HTML entity ' (in decimal, 39), and the 
strange character is  (in hexadecimal, 1B),... 27, the same, strange, 
isn't it ?

Then somewhere in my code, the SQLFORM 
form
is treated with 
realform = TAG(form.xml()) 
in order to have the whole DOM tree in the server to do some research on it 
and replacements.
This TAG function calls HTMLParser, and for this character call back 
web2pyHTMLParser.handle_charref which treats the character as decimal 27...

The problem is then on module html.py, line 2192,
 if name[1].lower()=='x':

should be 
if name[0].lower()=='x':
as given name is "x27".

Little bug :-) What is the procedure to open an issue ?

And in the mean time I will be obliged to replace manually this strange 
character back into " ' ", hopping the people that will write HTML code 
using my application will not use unicode characters


>>>> On Friday, May 25, 2012 4:35:30 AM UTC-4, Cédric Mayer wrote:
>>>>>
>>>>> Hello !
>>>>> I have a table with "text" fields:
>>>>>     Field('f_comments', type='text',
>>>>>           label=T('Comment')),
>>>>> or even:
>>>>>     Field('f_form', type='text',
>>>>>           label=T('Form'), comment=T('Please write HTML here')),
>>>>> Using appadmin interface, if I use an apostrophe " ' " inside the 
>>>>> textarea fields and submit the record form, the apostrophe saved, and if 
>>>>> I 
>>>>> display the appadmin form for the same record again, they are displayed 
>>>>> inside the textarea fields.
>>>>>
>>>>> But creating my own form:
>>>>>     form = SQLFORM(db.t_question, record, deletable=True)
>>>>> apostrophes " ' " do not appear anymore.
>>>>>
>>>>> I did some copy-paste of what was inside my own textarea to an 
>>>>> hexadecimal editor, and the apostrophe are replaced with the # 27 (hexa 
>>>>> 1B) 
>>>>> character in the case of my own form.
>>>>>
>>>>> If I save the form as-is, this 1B character is saved too, and so the 
>>>>> apostrophe disappears also if I look to the record from the appadmin 
>>>>> interface.
>>>>>
>>>>> It is really anoying as I use the content of the fields as pure HTML 
>>>>> afterwards : not having apostrophes leads to errors if I try to have some 
>>>>> Javascript in those fields.
>>>>>
>>>>> 1) What is the difference between the form generated in appadmin, and 
>>>>> the one generated by SQLFORM ?
>>>>> 2) Is there a way not to escape " ' " in text fields ?
>>>>>
>>>>

Reply via email to