[Catalyst] html escaping question
Hello @all, as you could help me that fast and excellent yesterday I have an other question to you ;) What is the best/common practice to get text that might containt html escapable characters (e. g. '', '') from a form field to catalyst to db and back to form field? At the moment I'm thinking of not doing any html escaping at all and believe in unicode to handle the encoding correctly, but I would ran into problems with 'funname'. So if I escape a string and send it back to the form the content of the textfield is 'lt;funamegt;'. Why is that? Again every thought is allmost welcome. Greets, Mario Minati ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Mario Minati wrote: Hello @all, as you could help me that fast and excellent yesterday I have an other question to you ;) What is the best/common practice to get text that might containt html escapable characters (e. g. '', '') from a form field to catalyst to db and back to form field? At the moment I'm thinking of not doing any html escaping at all and believe in unicode to handle the encoding correctly, but I would ran into problems with 'funname'. So if I escape a string and send it back to the form the content of the textfield is 'lt;funamegt;'. Why is that? Again every thought is allmost welcome. Greets, Mario Minati I'll asume you are using TT since you didn't say otherwise' [% 'funname' | html %] ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Am Mittwoch 21 März 2007 10:38 schrieb Ash Berlin: Mario Minati wrote: Hello @all, as you could help me that fast and excellent yesterday I have an other question to you ;) What is the best/common practice to get text that might containt html escapable characters (e. g. '', '') from a form field to catalyst to db and back to form field? At the moment I'm thinking of not doing any html escaping at all and believe in unicode to handle the encoding correctly, but I would ran into problems with 'funname'. So if I escape a string and send it back to the form the content of the textfield is 'lt;funamegt;'. Why is that? Again every thought is allmost welcome. Greets, Mario Minati I'll asume you are using TT since you didn't say otherwise' [% 'funname' | html %] You mean I have to filter every form field that way? Or do you mean normal text content? I hope there's a smoother solution otherwise this would be quite a bit of work. How are others solving the problem with this kind of characters in unicode enabled websites? Greets, Mario ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Am Mittwoch 21 März 2007 12:42 schrieb Carl Franks: On 21/03/07, Mario Minati [EMAIL PROTECTED] wrote: Am Mittwoch 21 März 2007 10:38 schrieb Ash Berlin: Mario Minati wrote: What is the best/common practice to get text that might containt html escapable characters (e. g. '', '') from a form field to catalyst to db and back to form field? At the moment I'm thinking of not doing any html escaping at all and believe in unicode to handle the encoding correctly, but I would ran into problems with 'funname'. So if I escape a string and send it back to the form the content of the textfield is 'lt;funamegt;'. Why is that? I'll asume you are using TT since you didn't say otherwise' [% 'funname' | html %] You mean I have to filter every form field that way? Or do you mean normal text content? Mario, Am I right in thinking you're not using formfu in this particular case? Because if you are, H::FF::Element::field::_render_value() already runs all values through H::FF::Util::xml_escape() which escapes the 5 characters ' In which case you may be double-escaping. I am Carl. But how can I circumvent this. Actually it's not a clever question. Is it usefull to circumvent that. My current problem: As the part of my project I am working on at moment deals with companies I have to deal with GmbH Co. KG which is a quite popular type of company in Germany. If a users types that in a form field everything is fine until it comes to editing. The string is escaped - of course. But the user is confused when he sees GmbH amp; Co. KG. How to go about that? Greets, Mario Minati ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
On 21/03/07, Mario Minati [EMAIL PROTECTED] wrote:
Am Mittwoch 21 März 2007 12:42 schrieb Carl Franks:
In which case you may be double-escaping.
But how can I circumvent this. Actually it's not a clever question.
Is it usefull to circumvent that.
My current problem:
As the part of my project I am working on at moment deals with companies I
have to deal with GmbH Co. KG which is a quite popular type of company in
Germany.
If a users types that in a form field everything is fine until it comes to
editing. The string is escaped - of course. But the user is confused when he
sees GmbH amp; Co. KG.
Find out which part of your app is double-escaping, and stop it.
If your template has just [% form %] there shouldn't be any problem.
By default, a field with:
default_value('GmbH Co')
will render as:
value=Gmbh amp; Co
the user will see the value as:
GmbH Co
and when it's submitted, the server will see:
GmbH Co
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Mario Minati wrote: snip I am Carl. But how can I circumvent this. Actually it's not a clever question. Is it usefull to circumvent that. My current problem: As the part of my project I am working on at moment deals with companies I have to deal with GmbH Co. KG which is a quite popular type of company in Germany. If a users types that in a form field everything is fine until it comes to editing. The string is escaped - of course. But the user is confused when he sees GmbH amp; Co. KG. How to go about that? Greets, Mario Minati Check at which point the escaping is being done. Is it in your database un-escaped for example? Regards Ian C. Docherty (icydee) ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Am Mittwoch 21 März 2007 15:01 schrieb Carl Franks:
On 21/03/07, Mario Minati [EMAIL PROTECTED] wrote:
Am Mittwoch 21 März 2007 12:42 schrieb Carl Franks:
In which case you may be double-escaping.
But how can I circumvent this. Actually it's not a clever question.
Is it usefull to circumvent that.
My current problem:
As the part of my project I am working on at moment deals with companies
I have to deal with GmbH Co. KG which is a quite popular type of
company in Germany.
If a users types that in a form field everything is fine until it comes
to editing. The string is escaped - of course. But the user is confused
when he sees GmbH amp; Co. KG.
Find out which part of your app is double-escaping, and stop it.
If your template has just [% form %] there shouldn't be any problem.
By default, a field with:
default_value('GmbH Co')
will render as:
value=Gmbh amp; Co
the user will see the value as:
GmbH Co
and when it's submitted, the server will see:
GmbH Co
You were right, as always ;-)
I used the FormFu HTMLEscape Filter and the $amp; in the database got encode a
second time while form processing.
Thanks again,
Mario
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Mario I might have the wrong end of the stick here but I hope you are saying that you are going to fix this by making sure that the database holds the un-escaped text? Regards Ian C Docherty (icydee) Mario Minati wrote: Am Mittwoch 21 März 2007 15:01 schrieb Carl Franks: snip You were right, as always ;-) I used the FormFu HTMLEscape Filter and the $amp; in the database got encode a second time while form processing. Thanks again, Mario ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] html escaping question
Am Mittwoch 21 März 2007 17:19 schrieb Ian Docherty: Hi Ian, yes I kicked out the HTMLEscape Constraint. And the result is a nice '' in the DB (checked with pgadmin III). Thanks for your concern. Greets, Mario Mario I might have the wrong end of the stick here but I hope you are saying that you are going to fix this by making sure that the database holds the un-escaped text? Regards Ian C Docherty (icydee) Mario Minati wrote: Am Mittwoch 21 März 2007 15:01 schrieb Carl Franks: snip You were right, as always ;-) I used the FormFu HTMLEscape Filter and the $amp; in the database got encode a second time while form processing. Thanks again, Mario ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
