[ZDP] BackTalk to Document The Zope Book (2.6 Edition)/Basic DTML

webmaster at zope.org
Thu Dec 18 18:55:57 EST 2003


A comment to the paragraph below was recently added via http://zope.org/Documentation/Books/ZopeBook/2_6Edition/DTML.stx#4-55

---------------

        You can control the behavior of the *var* tag using its
        attributes. The *var* tag has many attributes that help you in
        common formatting situations. The attributes are summarized in
        Appendix A. Here's a sampling of *var* tag attributes.

          html_quote -- This attribute causes the inserted values to be
          HTML-quoted.  This means that '<', '>' and '&' are escaped.
          Note that as of Zope 2.6, all string values which are
          retrieved from the REQUEST namespace are HTML-quoted by
          default.  This helps to prevent the "cross-site scripting"
          security holes present in earlier Zope versions, where a user
          could insert some clever JavaScript into a page in order to
          trick you into divulging private information to him.  For
          more information, see the "CERT
          advisory":http://www.cert.org/advisories/CA-2000-02.html on
          the topic.

          missing -- The missing attribute allows you to specify a
          default value to use in case Zope can't find the variable. For
          example::

              <dtml-var bananas missing="We have no bananas">

          fmt -- The fmt attribute allows you to control the format of
          the *var* tag's output. There are many possible formats, which
          are detailed in "Appendix A":AppendixA.stx.

            One use of the *fmt* attribute is to format monetary
            values. For example, create a *float* property in your root
            folder called *adult_rate*.  This property will represent
            the cost for one adult to visit the Zoo.  Give this property
            the value '2.2'.

              % Anonymous User - Oct. 31, 2003 11:02 am:
               I think this is the first mention of Properties.... Would be helpful to explain that the properties are found
               with the properties tag....since up until now almost all additions have been done by the pulldown menu.:)

              % Anonymous User - Oct. 31, 2003 11:05 am:
               I think this is the first mention of Properties.... Would be helpful to explain that the properties are found
               with the properties tag....since up until now almost all additions have been done by the pulldown menu.:)

            You can display this cost in a DTML Document or Method like so::

              One Adult pass: <dtml-var adult_rate fmt=dollars-and-cents>

            This will correctly print "$2.20". It will round more
            precise decimal numbers to the nearest penny.

          % Anonymous User - Dec. 18, 2003 6:55 pm:
           The first paragraph seems to be formatted strangely; a <br> after each <i>var</i>
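
The *html_quote*, *missing* and *fmt* behaviour described in the quoted paragraph, as an added example that is not part of the Zope Book or of Zope's own code. It is a toy model: `render()`, its `namespace`/`request` arguments and the namespace-before-request lookup order are assumptions made for the illustration.

```python
import re

# Added illustration: a toy model of the *var* attributes described above.
# It is not Zope's DocumentTemplate code; render() and its arguments are
# hypothetical names chosen for this example.

TAG = re.compile(r'<dtml-var\s+(\w+)((?:\s+[\w-]+(?:=(?:"[^"]*"|[\w-]+))?)*)\s*>')
ATTR = re.compile(r'([\w-]+)(?:=(?:"([^"]*)"|([\w-]+)))?')


def html_quote(text):
    # '&' must be escaped first, otherwise the '&' in '&lt;' would be re-escaped.
    return text.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;')


def render(template, namespace, request=None):
    """Expand <dtml-var> tags from `namespace`, then from `request`."""
    request = request or {}

    def expand(match):
        name = match.group(1)
        attrs = {key: quoted or bare
                 for key, quoted, bare in ATTR.findall(match.group(2))}
        from_request = False
        if name in namespace:
            value = namespace[name]
        elif name in request:
            value, from_request = request[name], True
        elif 'missing' in attrs:
            return attrs['missing']      # template author's literal default
        else:
            raise KeyError(name)
        if attrs.get('fmt') == 'dollars-and-cents':
            value = '$%.2f' % float(value)
        # Assumption of this model: request strings are quoted by default
        # (the Zope 2.6 behaviour described above); other values only on request.
        quote = 'html_quote' in attrs or (from_request and isinstance(value, str))
        value = str(value)
        return html_quote(value) if quote else value

    return TAG.sub(expand, template)


# Constructed inputs: a site property and a hostile query-string value.
site = {'adult_rate': 2.2, 'title': '<b>Zoo</b>'}
form = {'visitor': '<script>alert(1)</script> & co'}
print(render('One Adult pass: <dtml-var adult_rate fmt=dollars-and-cents>', site))
print(render('Welcome, <dtml-var visitor>', site, form))
print(render('<dtml-var bananas missing="We have no bananas">', site, form))
```

The second line of output shows the request value rendered as inert text, while a value that does not come from the request (such as *title* here) is only escaped when the tag carries *html_quote*.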


