[Zope] html_quote in python methods?

Andy McKay andym@ActiveState.com
Tue, 2 Jan 2001 09:45:10 -0800


Can you do an import in python methods? Still have to install and play with
them. If so you can:

from DT_Util import html_quote

Theres probably a better way... as per DT_var.py

--
  Andy McKay, Developer.
  ActiveState.


----- Original Message -----
From: "Jim Washington" <jwashin@vt.edu>
To: <zope@zope.org>
Sent: Tuesday, January 02, 2001 6:32 AM
Subject: [Zope] html_quote in python methods?


> I am using Python Methods a lot now.
>
> Good:
> no more <dtml-with> to get to the objects I need. Yay!
> no more worrying about closing blocks. Yay!
>
> OK, when I make a syntax error, there is no help in the traceback.  My
> Python is getting better and better as a result.
>
> To give something back, I have a hint that took me a while to figure
> out:
>
> print '<td width="33%">%s</td>' % (self.thevariable)
> will not work.  The first % needs to be escaped like so:
>
> print '<td width="33%%">%s</td>' % (self.thevariable)
>
> Now, can I use html_quote in a Python Method?  I am letting people enter
> data for redisplay, and I know some Bozo (TM) will somehow put in
> "<table>"
> and break the page.
>
> Can I keep this from happening?  html_quote does not seem to be in the
> Python Method namespace.
>
> Regards,
>
> -- Jim Washington
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>