Skip to content

Commit

Permalink
- Merge CGI-escape templating changes from 2.6 / 2.7 audit work.
Browse files Browse the repository at this point in the history
  • Loading branch information
@tseaver
tseaver committed Jan 15, 2004
1 parent 2fa2f59 commit 88ccccb
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 18 deletions.
14 changes: 6 additions & 8 deletions DT_In.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,10 +179,8 @@
... display rows
<!--#if sequence-end--> <!--#if next-sequence-->
<a href="<!--#var URL-->/<!--#var sequence-query
-->&batch_start=<!--#var
next-sequence-start-number-->">
(Next <!--#var next-sequence-size--> results)
<a href="&dtml-URL;/&dtml-sequence-query;batch_start=&dtml-next-sequence-start-number;">
(Next &dtml-next-sequence-size; results)
</a>
<!--#/if--> <!--#/if-->
Expand All @@ -191,15 +189,15 @@
If the original URL is: 'foo/bar?x=1&y=2', then the
rendered text (after row data are displayed) will be::
<a href="foo/bar?x=1&y=2&batch_start=20">
<a href="foo/bar?x=1&amp;y=2&amp;batch_start=20">
(Next 20 results)
</a>
If the original URL is: 'foo/bar?batch_start=10&x=1&y=2',
then the rendered text (after row data are displayed)
will be::
<a href="foo/bar?x=1&y=2&batch_start=30">
<a href="foo/bar?x=1&amp;y=2&amp;batch_start=30">
(Next 20 results)
</a>
Expand Down Expand Up @@ -331,8 +329,8 @@
''' #'

__rcs_id__='$Id: DT_In.py,v 1.61 2003/11/18 13:17:00 tseaver Exp $'
__version__='$Revision: 1.61 $'[11:-2]
__rcs_id__='$Id: DT_In.py,v 1.62 2004/01/15 22:44:07 tseaver Exp $'
__version__='$Revision: 1.62 $'[11:-2]

import sys
from DT_Util import ParseError, parse_params, name_param, str, join_unicode
Expand Down
20 changes: 10 additions & 10 deletions DT_UI.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@
##############################################################################
__doc__='''Machinery to support through-the-web editing
$Id: DT_UI.py,v 1.14 2003/07/06 10:43:46 andreasjung Exp $'''
__version__='$Revision: 1.14 $'[11:-2]
$Id: DT_UI.py,v 1.15 2004/01/15 22:44:07 tseaver Exp $'''
__version__='$Revision: 1.15 $'[11:-2]

from DT_HTML import HTML

Expand All @@ -33,7 +33,7 @@
<BODY bgcolor="#FFFFFF">
<!--#var document_template_edit_header-->
<FORM name="editform" ACTION="<!--#var URL1-->/manage_edit" METHOD="POST">
<FORM name="editform" ACTION="&dtml-URL1;/manage_edit" METHOD="POST">
<!--#var document_template_form_header-->
Document template source:
<center>
Expand All @@ -51,19 +51,19 @@
<INPUT NAME=SUBMIT TYPE="SUBMIT" VALUE="Change">
<INPUT NAME=SUBMIT TYPE="RESET" VALUE="Reset">
<INPUT NAME="dt_edit_name" TYPE="HIDDEN"
VALUE="<!--#var URL1-->">
VALUE="&dtml-URL1;">
<!--#if FactoryDefaultString-->
<INPUT NAME=SUBMIT TYPE="SUBMIT"
VALUE="<!--#var FactoryDefaultString-->">
VALUE="&dtml-FactoryDefaultString;">
<!--#/if FactoryDefaultString-->
<INPUT NAME=SUBMIT TYPE="SUBMIT" VALUE="Cancel">
<!--#if HTTP_REFERER-->
<INPUT NAME="CANCEL_ACTION" TYPE="HIDDEN"
VALUE="<!--#var HTTP_REFERER-->">
VALUE="&dtml-HTTP_REFERER;">
<!--#else HTTP_REFERER-->
<!--#if URL1-->
<INPUT NAME="CANCEL_ACTION" TYPE="HIDDEN"
VALUE="<!--#var URL1-->">
VALUE="&dtml-URL1;">
<!--#/if URL1-->
<!--#/if HTTP_REFERER-->
</center>
Expand All @@ -78,14 +78,14 @@
HTML.editConfirmation=HTML(
"""<html><head><title>Change Successful</title></head><body>
<!--#if CANCEL_ACTION-->
<form action="<!--#var CANCEL_ACTION-->" method="POST">
<form action="&dtml-CANCEL_ACTION;" method="POST">
<center>
<em><!--#var dt_edit_name--></em><br>has been changed.<br><br>
<em>&dtml-dt_edit_name;</em><br>has been changed.<br><br>
<input type=submit name="SUBMIT" value="OK">
</center>
</form></body></html>
<!--#else CANCEL_ACTION-->
<center>
<em><!--#var dt_edit_name--></em><br>has been changed.
<em>&dtml-dt_edit_name;</em><br>has been changed.
</center>
<!--#/if CANCEL_ACTION-->""")

0 comments on commit 88ccccb

Please sign in to comment.