def render(self, node, bean, tags): item = bean.item wlib = store.getWeblib() if item.id == -1: node.form_title.content %= 'Add Entry' node.edit_header.omit() else: node.form_title.content %= 'Edit Entry' node.add_header.omit() form = node.form id = item.id < 0 and '_' or str(item.id) form.atts['action'] = request.rid_url(id) if bean.errors: escaped_errors = map(saxutils.escape, bean.errors) form.error.message.raw = '<br />'.join(escaped_errors) else: form.error.omit() if item: form.name .atts['value'] = item.name form.created .atts['value'] = item.created form.url .atts['value'] = item.url form.description.content = item.description form.tags .atts['value'] = bean.item.tags_description form.nickname .atts['value'] = item.nickname if weblib_util.isFileURL(item.url): scheme, netloc, url_path, _, _, _ = urlparse.urlparse(item.url) pathname = weblib_util.nt_url2pathname(url_path) form.url_link.atts['href'] = '/weblib/%s/url#%s' % (item.id, item.url) form.filename.content = pathname else: form.url_link.atts['href'] = item.url form.filename.omit() # if item.modified: # form.modified_txt.content = item.modified # if item.fetched: # form.snapshot_txt.content = item.fetched tags_strings = [u' "%s"' % response.jsEscapeString(unicode(tag)) for tag in tags] node.form.tags_array.raw = node.form.tags_array.raw % ',\n'.join(tags_strings) new_tags = bean.newTags and u', '.join(bean.newTags) or '' encoded_tags = response.jsEscapeString(new_tags) node.form.new_tags_js_var.raw = node.form.new_tags_js_var.raw % encoded_tags # weblibForm get invoked from CGI weblib.py #if __name__ == "__main__": # main(sys.stdin, sys.stdout, os.environ)
def _format_tag_base(tag_info): encoded_tag_name = response.jsEscapeString(tag_info[1].lower()) count = tag_info[2] if not tag_info[3]: encoded_hint = '' else: hint = unicode(tag_info[3]) if count > 1: suffix = ',...' elif len(hint) > _TRIM_TITLE: suffix = '...' else: suffix = '' hint = hint[:_TRIM_TITLE] + suffix encoded_hint = response.jsEscapeString(hint) statement = "tag_base['%s'] = [%s,'%s'];" % (encoded_tag_name, count, encoded_hint) return statement
def render(self, node, errors, new_tags, ids, names, tags, add_tags=''): """ @param tags - list of (id, name, flag, changed) """ form = node.form if errors: escaped_errors = map(saxutils.escape, errors) form.error.message.raw = '<br />'.join(escaped_errors) else: form.error.omit() form.id_list.atts['value'] = ','.join(map(str,ids)) form.title.repeat(self.renderTitle, names) form.tag.repeat(self.renderTag, tags) form.add_tags.atts['value'] = add_tags tags = new_tags and u', '.join(new_tags) or '' encode_tags = response.jsEscapeString(tags) node.form.new_tags_js_var.raw = node.form.new_tags_js_var.raw % encode_tags
def test_jsEscapeString(self): text = u"""You should see 1. new line separate by \\n.\r 2. new line separate by \\r\\n. 3. quote ' and double quote ". 4. The slash \\ character. 5. The & character. 6. The angle brackets < and >. 7. The euro sign \N{euro sign}. """ escaped_test = response.jsEscapeString(text) print '\nPlease cut and paste the statement below and test in your browser' print '-'*72 print (TEST_HTML_TEMPLATE % escaped_test).encode('utf8') print '-'*72 self.assert_('.\\r\\n' in escaped_test) self.assert_('\\"' in escaped_test) self.assert_("\\'" in escaped_test) self.assert_('\\\\' in escaped_test) self.assert_('&' not in escaped_test) self.assert_('<' not in escaped_test) self.assert_('>' not in escaped_test)
def render(self, node, url=''): node.url.raw = 'var url="%s";' % response.jsEscapeString(url)