[ZDP] BackTalk to Document The Zope Book/Advanced Zope Scripting
Wed, 10 Apr 2002 00:50:32 -0400
A comment to the paragraph below was recently added via http://www.zope.org/Documentation/ZopeBook/ScriptingZope.stx#3-68
One common use for scripts is to do string processing. Python has a
number of standard modules for string processing. You cannot do regular
expression processing from Python-based Scripts, but you do have access
to the *string* module. You have access to the *string* module from
DTML as well, but it is much easier to use from Python. Suppose you
want to change all the occurrences of a given word in a DTML
Document. Here's a script, *replaceWord*, that accepts two arguments,
*word* and *replacement*. This will change all the occurrences of a
given word in a DTML Document::
## Script (Python) "replaceWord"
Replaces all the occurrences of a word with a
replacement word in the source text of a DTML
Document. Call this script on a DTML Document to use
Note: you'll need permission to edit a document to
call this script on the document.
text=string.replace(text, word, replacement)
% Anonymous User - Apr. 9, 2002 3:26 pm:
if one needs regular expressions, but this is something that was quite surprising to me.
% Anonymous User - Apr. 10, 2002 12:50 am:
It's a security issue. Zope attaches attributes to objects in order to protect them via security assertions.
The regex module is implemented in C (as opposed to pure Python), so it's hard to attach security attributes
to the various objects that are used by the regex machinery. External methods can make full use of the regex
module, but "through the web" code (like Python scripts) cannot due to the abovementioned security