You are viewing a plain text version of this content. The canonical link for it is here.
Posted to embperl@perl.apache.org by ___cliff rayman___ <cl...@genwax.com> on 2000/05/18 04:13:51 UTC
proposed $escmode documentation changes
Gerald,
if the following makes sense - please add it to the embperl
documentation for $escmode
Turn HTML and URL escaping on and off. The default is on
($escmode = 3).
+ The change in $escmode will take effect on the next call into
embperl. So, for example, to turn
+ off escaping for a particular section of code:
+
+ [- $save_escmode=$escmode; $escmode=0 -]
+ [+ Please read the following web message:
$web_message_in_html +]
+ [- $escmode=$save_escmode -]
+
NOTE: Normaly you can disable escaping by preceeding the item
that normaly is escaped with a
backslash. While this is a handy thing, it could be very
dangerous in situations, where content that
is inserted by some user is redisplayed, because they can enter
arbitary HTML and preceed them
with a backslash to avoid correct esaping when their input is
redisplayed again. To avoid this
--
___cliff rayman___www.genwax.com___cliff@genwax.com___
RE: proposed $escmode documentation changes
Posted by Gerald Richter <ri...@ecos.de>.
>
> your comments are true as they pertain to perl..
> i understand how local works - no problem there.
>
> in the case of embperl however:
> i believe that the escaping has already occurred on the
> block before it is processed, and therefore, in the example
> that you gave, $var would still be subject to the $escmode
> that was operating when the block started. changing it from within
> the block will have no effect on that block, only subsequent blocks.
> so, local $escmode has no effect on any embperl processing.
>
No, [+ local $escmode=0 ; $var +] works because Embperl takes care that the
escmode is switched back _after_ the block has been outputed.
I think the thing you have in mind is $optRawInput, this one _must_ be set
before the block it should act on, because the input unescaping must take
place before the block is executed.
Gerald
> --
> ___cliff rayman___www.genwax.com___cliff@genwax.com___
>
> "Martin A. Langhoff" wrote:
>
> > ___cliff rayman___ wrote:
> >
> > > + [- $save_escmode=$escmode; $escmode=0 -]
> >
> > that'd be usually written in perl as
> > [+ local $escmode=0 ; $var +]
> >
> > $escmode is set to 0 for that block only, and reset to 'saved state'
> > when the block is over.
> >
> > martin
> > -- --
> > To understand recursion, one must first understand recursion.
> > -- --
> > - Martin Langhoff @ S C I M Multimedia Technology -
> > - http://www.scim.net | God is real until -
> > - mailto:mlangho@scim.net | declared integer -
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: embperl-unsubscribe@perl.apache.org
> For additional commands, e-mail: embperl-help@perl.apache.org
>
>
Re: proposed $escmode documentation changes
Posted by ___cliff rayman___ <cl...@genwax.com>.
your comments are true as they pertain to perl..
i understand how local works - no problem there.
in the case of embperl however:
i believe that the escaping has already occurred on the
block before it is processed, and therefore, in the example
that you gave, $var would still be subject to the $escmode
that was operating when the block started. changing it from within
the block will have no effect on that block, only subsequent blocks.
so, local $escmode has no effect on any embperl processing.
--
___cliff rayman___www.genwax.com___cliff@genwax.com___
"Martin A. Langhoff" wrote:
> ___cliff rayman___ wrote:
>
> > + [- $save_escmode=$escmode; $escmode=0 -]
>
> that'd be usually written in perl as
> [+ local $escmode=0 ; $var +]
>
> $escmode is set to 0 for that block only, and reset to 'saved state'
> when the block is over.
>
> martin
> -- --
> To understand recursion, one must first understand recursion.
> -- --
> - Martin Langhoff @ S C I M Multimedia Technology -
> - http://www.scim.net | God is real until -
> - mailto:mlangho@scim.net | declared integer -