This question about Topic Markup Language and applications: Answered
I'm building an application. I want a "create" form, in HTML, that will provide a set of checkboxes.
The items for the checkboxes are in a table in topic "CheckboxItems", e.g.
| *Item* |
| A |
| B |
| C |
| D |
| E |
In my HTML form, I can do this (lines broken for clarity):
%SEARCH{ "^\| +[^\*][^\|]*\|" topic="CheckboxItems"
type="regex" multiple="on" nonoise="on"
format="<label><input type='checkbox' name='Item'
value='$pattern(^\| *(.*?) *\|.*)' class='foswikiCheckbox'
/> $pattern(^\| *(.*?) *\|.*) </label>
"
}%
This works. I see a set of checkboxes in the result.
However, in the interests of DRY (Don't Repeat Yourself), I thought "I'll set a variable for the pattern!"
So, I tried this:
%SEARCH{ "^\| +[^\*][^\|]*\|" topic="CheckboxItems"
type="regex" multiple="on" nonoise="on"
format="$percntCALC{ $SET(cbitem, $pattern(^\| *(.*?) *\|.*))
<label><input type='checkbox' name='Item'
value='$GET(cbitem)' class='foswikiCheckbox'
/> $GET(cbitem) </label> }$percnt
"
}%
I get almost the same output except that it's 'verbatim'. All of the HTML angle brackets are escaped. i.e. the source contains:
<label><input type='checkbox' name='Item' value='A' class='foswikiCheckbox' /> A </label>
...
I assume I'm doing something very silly, but what?
--
VickiBrown - 21 Jun 2016
See
SpreadSheetPlugin documentation for the SPREADSHEETPLUGIN_ALLOWHTML setting.
SSP macros will not emit html, to prevent certain XSS attacks.
--
GeorgeClark - 21 Jun 2016
Here's an approach using
FilterPlugin's %FORMATLIST:
%STARTSECTION{"table"}%
| *Item* |
| A |
| B |
| C |
| D |
| E |
%ENDSECTION{"table"}%
%FORMATLIST{
"$percntINCLUDE{\"%WEB%.%TOPIC%\" section=\"table\"}$percnt"
split="\n"
skip="1"
pattern="\s*\|\s*(.*?)\s*\|"
format="<label><input type='checkbox' name='Item' value='$1' class='foswikiCheckbox' /> $1</label>"
separator="$n"
}%
--
Main.MichaelDaum - 21 Jun 2016