Le Lundi 6 Février 2006 18:59, Tobias Toedter a écrit :
> On Monday 06 February 2006 18:43, Mathieu Roy wrote:
> > What you mention as pre, nowiki and code refers to what I called
> > "verbatim", see the related task comment.
> >
> > Verbatim is a neutral word that exactly means what we mean, pre is
> > un-understandable if you ignore HTML, nowiki is confusing (there's no
> > wiki involved here), code is too specific.
>
> Ok, but there's one more issue: <code> is an inline tag, while <pre> starts
> a new context. So I could use an inline <code>example which will be marked
> up</code> as code, without starting a whole new section. If I would use
> <pre> instead, I would display a longer example on it's own line, like
>
> <pre>
> this text
> or
> that text
> </pre>
>
> What do you think should <verbatim> be? Inline or a new block?
inline.
We should be able to do things like:
bla bla bla <verbatim>sub bah_bah { last; }</verbatim>
But as I said before, it should be instead:
bla bla bla #verbatim#sub bah_bah { last; }#verbatim#
Using html < and > is shooting a bullet in our foot. As one may well be
writing in a comment
#verbatim#
althis html <b>bla bla</a> with <code>inside</code> bla bla
blo bli <br>
#verbatim#
And we definitely do not want <code> in this text to have any effect.
The point with #verbatim# is the fact that this is not used in any language
(or if it does, I wonder which)
Also, it highlight the idea of the string being some kind of comment which
wont show up in the end.
> > > So, our current scheme is this:
> > > input: htmlspecialchars(user input) -> database
> > > output: database -> browser
> > >
> > > It would be much cleaner to do it the other way round:
> > > input: user input -> database
> > > output: htmlspecialchars(database) -> browser
> >
> > Do we really convert things to htmlspecialchars before inserting things
> > in the database?
>
> Unfortunately yes.
>
> > I don't remember but that indeed seems awkward. What happen then if we
> > grab the database content to put it in a plain text mail, the plain text
> > get html entities? Weird.
>
> No, it doesn't, because there's a function in Savane called
> utils_unconvert_htmlspecialchars(). Guess what it does ...
>
Granted this is not great. But I guess changing that means reviewing all the
code, everytime a SQL INSERT or UPDATE is made. Tough job!
> > > We're planning to perform some markup in the cookbook table during the
> > > next upgrade of Savane. Shouldn't we also convert the HTML data into
> > > normal text data?
> >
> > We should.
>
> Ok, but that's another task, I guess ...
I guess we can change this way to do things or keep it as it is. Granted, the
cleanest would be to change it. But I think it will take time.
--
Mathieu Roy
+---------------------------------------------------------------------+
| General Homepage: http://yeupou.coleumes.org/ |
| Computing Homepage: http://alberich.coleumes.org/ |
| Not a native english speaker: |
| http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english |
+---------------------------------------------------------------------+
