Try a custom validator to sanitize your description field.
On Wed, Dec 19, 2012 at 12:06 PM, wwwgong <wen.g.g...@gmail.com> wrote:
> Hi,
> I like to store youtube videos into a table:
>
> db.define_table('youtube',
> Field('code'),
> Field('description')
> )
>
> def youtube_repr(code,width=400,height=250):
> return XML("""
> <object width="%(width)s" height="%(height)s">
> <param name="movie"
> value="http://www.youtube.com/v/%(code)s&hl=en_US&fs=1&"></param>
> <param name="allowFullScreen" value="true"></param>
> <param name="allowscriptaccess" value="always"></param>
> <embed src="http://www.youtube.com/v/%(code)s&hl=en_US&fs=1&"
> type="application/x-shockwave-flash" allowscriptaccess="always"
> allowfullscreen="true" width="%(width)s"
> height="%(height)s"></embed>
> </object>""" % dict(code=code, width=width, height=height)
> )
>
> db.youtube.code.represent = youtube_repr
>
> with this controller:
> def youtube_video():
> form = SQLFORM.grid(db.youtube)
> return dict(form=form)
>
> If the "description" field contains double quote char {"}, it will messes
> up,
> see screenshot at
> http://dl.dropbox.com/u/54552252/cleanse-web2py-field-value.jpg
>
> I know web2py offers custom validator to detect special char in Form field,
> but is it possible to attach a pre-process function at DAL layer to cleanse
> field value before db operation?
>
> Something like:
>
> db.youtube.description.preprocess = cleanse_special_char
>
> where "cleanse_special_char" is a function to cleanse db.youtube.description
> field value
>
> Can someone offer a solution or workaround?
>
> Thanks,
> Wen
>
>
> --
>
>
>
--
