[Zope-CVS] CVS: Products/WikiForNow - ZWikiPage.py:1.3

Martijn Pieters mj@zope.com
Mon, 15 Jul 2002 14:44:31 -0400


Update of /cvs-repository/Products/WikiForNow
In directory cvs.zope.org:/tmp/cvs-serv19866

Modified Files:
	ZWikiPage.py 
Log Message:
Ensure proper quoting of REQUEST-sourced variables.


=== Products/WikiForNow/ZWikiPage.py 1.2 => 1.3 ===
         <small>
           Last 
           <a href="&dtml-wiki_page_url;/pagehistory">edited</a>
-            <dtml-if last_editor> by <b><dtml-var last_editor></b> </dtml-if>
+            <dtml-if last_editor> by <b><dtml-var last_editor html_quote></b> </dtml-if>
             on <dtml-var bobobase_modification_time fmt=aCommon> </small>
     </td>
   <tr>
@@ -2641,7 +2641,7 @@
         <small>
           Last 
           <a href="&dtml-wiki_page_url;/pagehistory">edited</a>
-            <dtml-if last_editor> by <b><dtml-var last_editor></b> </dtml-if>
+            <dtml-if last_editor> by <b><dtml-var last_editor html_quote></b> </dtml-if>
             on <dtml-var bobobase_modification_time fmt=aCommon> </small>
     </td>
   <tr>
@@ -2750,8 +2750,8 @@
       <tr bgcolor=<dtml-if noedit>"pink"<dtml-else>"eeeeee"</dtml-if> >
         <td colspan=2 align="center">
           <TEXTAREA WRAP="soft" NAME="text"
-                    ROWS=<dtml-var zwiki_height missing=18>
-                    COLS=<dtml-var zwiki_width missing=80>
+                    ROWS=<dtml-var zwiki_height missing=18 html_quote>
+                    COLS=<dtml-var zwiki_width missing=80 html_quote>
                   <dtml-if noedit>
                     readonly
                     onkeydown="this.blur(); return false;"
@@ -2770,8 +2770,8 @@
        <dtml-else>
         <td valign="middle" align="right">
           <INPUT TYPE="submit"
-                 NAME="<dtml-var action>"
-                 VALUE="<dtml-var action> <dtml-var id size=20>">
+                 NAME="&dtml-action;"
+                 VALUE="&dtml-action; <dtml-var id size=20 html_quote>">
        </dtml-if>
         </td>
       </tr>
@@ -2885,7 +2885,7 @@
         <small>
           Last 
           <a href="&dtml-wiki_page_url;/pagehistory">edited</a>
-            <dtml-if last_editor> by <b><dtml-var last_editor></b> </dtml-if>
+            <dtml-if last_editor> by <b><dtml-var last_editor html_quote></b> </dtml-if>
             on <dtml-var bobobase_modification_time fmt=aCommon> </small>
     </td>
   <tr>
@@ -3058,7 +3058,7 @@
     To subscribe or unsubscribe, please first enter your email address:
   </dtml-if>
   <br>
-  <input name="email" type="text" value="<dtml-var email missing>">
+  <input name="email" type="text" value="&dtml.html_quote.missing-email;">
   <input name="emailchanged" type="hidden" value="1">
   <INPUT TYPE="submit" NAME="../subscribeform:method" VALUE=" Change ">
   <br><br>