[web2py] Massimo discussing py4web live 7/11/2020 10am PST on freenode
No login needed. Text-based. https://webchat.freenode.net/#py4web -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/ed8ac4fd-0fb8-40fa-90a2-506090723634o%40googlegroups.com.
Re: [web2py] how do i escape some characters when saving to db
You welcome, just keep in mind when you decode a value with XML() it might be interpreted as HTML, and may lead to Cross Site Scripting (XSS) attacks. If an user craft an input like
Re: [web2py] how do i escape some characters when saving to db
Wow it works !
Thanks a lot!
Regards
On Sunday, July 12, 2020 at 6:06:07 PM UTC+3, Christian Varas wrote:
>
> Maybe you can try something like:
>
> db.something.insert(str(XML(request.vars.somevalue, sanitize=True)))
>
> I use this method to escape everything and convert all to string
>
> Then in the view to see the values not encoded use: {{=XML(value)}}
>
> Maybe helps
>
> Cheers.
>
> El El dom, 12 de jul. de 2020 a la(s) 10:53, Maurice Waka <
> mauri...@gmail.com > escribió:
>
>> I have some strings in *request.vars* that I'm trying to save to db.
>>
>> An example is this : ["sure","iii!@#$%^&*()_"]. These strings/lists come
>> from users in an natural language processing (NLP) app being used.
>>
>> For example in medical language a bone fracture represented as '#'
>> instead of the whole noun, while 'and' used as '&'. These are commonly used
>> characters that I can avoid to process.
>>
>> The problem is that when I check the DB, it does not save strings with
>> characters after '#' and '&' characters e.g. 'abcdef!@#$%%%' being saved as
>> 'abcdef!@' or in medical terms: "my patient recently had a # while jogging"
>> is saved .. "my patient recently had a
>>
>> How can I make sure to save the whole string.
>>
>> Kind regards
>>
>> --
>> Resources:
>> - http://web2py.com
>> - http://web2py.com/book (Documentation)
>> - http://github.com/web2py/web2py (Source code)
>> - https://code.google.com/p/web2py/issues/list (Report Issues)
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "web2py-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to web...@googlegroups.com .
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/web2py/f10fa835-ce3b-491f-a2b2-c057bf38cb5eo%40googlegroups.com
>>
>>
>> .
>>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/web2py/1a79beb0-c01b-4e61-ad7d-783dc1e0a3feo%40googlegroups.com.
Re: [web2py] how do i escape some characters when saving to db
Maybe you can try something like:
db.something.insert(str(XML(request.vars.somevalue, sanitize=True)))
I use this method to escape everything and convert all to string
Then in the view to see the values not encoded use: {{=XML(value)}}
Maybe helps
Cheers.
El El dom, 12 de jul. de 2020 a la(s) 10:53, Maurice Waka <
mauricew...@gmail.com> escribió:
> I have some strings in *request.vars* that I'm trying to save to db.
>
> An example is this : ["sure","iii!@#$%^&*()_"]. These strings/lists come
> from users in an natural language processing (NLP) app being used.
>
> For example in medical language a bone fracture represented as '#' instead
> of the whole noun, while 'and' used as '&'. These are commonly used
> characters that I can avoid to process.
>
> The problem is that when I check the DB, it does not save strings with
> characters after '#' and '&' characters e.g. 'abcdef!@#$%%%' being saved as
> 'abcdef!@' or in medical terms: "my patient recently had a # while jogging"
> is saved .. "my patient recently had a
>
> How can I make sure to save the whole string.
>
> Kind regards
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/web2py/f10fa835-ce3b-491f-a2b2-c057bf38cb5eo%40googlegroups.com
>
> .
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/web2py/CA%2Bs%2BuJsC6EW%2Bw89x%2BeJ_RyZjYZwTJSJO-RoEqFrLouAs%2B0jqYw%40mail.gmail.com.
[web2py] how do i escape some characters when saving to db
I have some strings in *request.vars* that I'm trying to save to db. An example is this : ["sure","iii!@#$%^&*()_"]. These strings/lists come from users in an natural language processing (NLP) app being used. For example in medical language a bone fracture represented as '#' instead of the whole noun, while 'and' used as '&'. These are commonly used characters that I can avoid to process. The problem is that when I check the DB, it does not save strings with characters after '#' and '&' characters e.g. 'abcdef!@#$%%%' being saved as 'abcdef!@' or in medical terms: "my patient recently had a # while jogging" is saved .. "my patient recently had a How can I make sure to save the whole string. Kind regards -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/f10fa835-ce3b-491f-a2b2-c057bf38cb5eo%40googlegroups.com.
