On Monday 06 February 2006 18:43, Mathieu Roy wrote: > What you mention as pre, nowiki and code refers to what I called > "verbatim", see the related task comment. > > Verbatim is a neutral word that exactly means what we mean, pre is > un-understandable if you ignore HTML, nowiki is confusing (there's no > wiki involved here), code is too specific.
Ok, but there's one more issue: <code> is an inline tag, while <pre> starts
a new context. So I could use an inline <code>example which will be marked
up</code> as code, without starting a whole new section. If I would use
<pre> instead, I would display a longer example on it's own line, like
<pre>
this text
or
that text
</pre>
What do you think should <verbatim> be? Inline or a new block?
> > So, our current scheme is this:
> > input: htmlspecialchars(user input) -> database
> > output: database -> browser
> >
> > It would be much cleaner to do it the other way round:
> > input: user input -> database
> > output: htmlspecialchars(database) -> browser
>
> Do we really convert things to htmlspecialchars before inserting things
> in the database?
Unfortunately yes.
> I don't remember but that indeed seems awkward. What happen then if we
> grab the database content to put it in a plain text mail, the plain text
> get html entities? Weird.
No, it doesn't, because there's a function in Savane called
utils_unconvert_htmlspecialchars(). Guess what it does ...
> Are you sure we don't do the later?
Yep.
> > We're planning to perform some markup in the cookbook table during the
> > next upgrade of Savane. Shouldn't we also convert the HTML data into
> > normal text data?
>
> We should.
Ok, but that's another task, I guess ...
Cheers,
--
Tobias
Warning: Trespassers will be shot.
Survivors will be shot again.
pgpwUIqJdSPr2.pgp
Description: PGP signature
