Hi folks! In revision 891 i have added a undocumented feature. Now you can insert and use in widget POST ang GET values, witth this syntax: - [GET[key]] - [POST[key]]
For example: <form id="search"><input type='text' name='search' value='[GET[search]]'> with this url www.aiki.org/sitemap?page=4 (sql( (select i from anytable limit [GET[page]]000, 1000.... )sql) (jakub, i'm not sure this will work...) This feature can be useful, but can be a open door to script and sql injection. what do you think? remove? maintain? sanitze (not allowing ')? roger
_______________________________________________ Mailing list: https://launchpad.net/~aikiframework-devel Post to : [email protected] Unsubscribe : https://launchpad.net/~aikiframework-devel More help : https://help.launchpad.net/ListHelp
