Completely OT
Victor Subervi
victorsubervi at gmail.com
Mon Nov 30 13:21:00 EST 2009
On Mon, Nov 30, 2009 at 2:00 PM, inhahe <inhahe at gmail.com> wrote:
> On Mon, Nov 30, 2009 at 12:58 PM, inhahe <inhahe at gmail.com> wrote:
> > On Mon, Nov 30, 2009 at 12:49 PM, Victor Subervi
> > <victorsubervi at gmail.com> wrote:
> >>
> >>
> >> If I'm not mistaken, that won't help me actually print to screen the
> user's
> >> choices as he selects them, which in my application, is important.
> Please
> >> advise.
> >> TIA,
> >> V
> >
> >
> > sure, that's where this part comes in:
> >
> > the javascript would populate the list for the colors the user selects
> > (the easiest way would probably be to give the list an id and use
> > getElementByID())
> >
> > so basically you'd define, e.g., an onClick="blah('red'); return true"
> > within the red element's tag, and then define a function blah(x) that
> > says
> > getElementById("my_list_id").innerHtml += "<br>" + x;
> > and of course give your list textarea an id="my_list_id" attribute in the
> tag.
> >
> > that could be slightly wrong, my javascript's rusty
> >
>
> also don't forget to sanitize the data you receive before committing
> it to the database, or someone can hack the javascript and send an SQL
> injection attack
>
Good call! However, in my case I can put this all behind a firewall. It's
only for the shop builder's use, and that's my client...whom I can track!
But I presume this would entail doing searches for and eliminating all
unnecessary characters, right?
V
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20091130/30577571/attachment-0001.html>
More information about the Python-list
mailing list