HTML generation was: A more verbose catch?

HTML generation was: A more verbose catch?

Post by George Pet » Fri, 09 Jun 2006 10:45:58



I would normally do it more like this:
proc generate_page {} {
puts "Content-type: text/html\n"
puts {
<html>
<head>
<title>Local time</title>
</head>
<body>
}

...
}

Also realize that you can do:
puts <html>

I use these techniques in my HTML generators. I consider excessive
quoting a bug waiting to happen.

-George
 
 
 

HTML generation was: A more verbose catch?

Post by Earl Greid » Fri, 09 Jun 2006 16:49:08


I used to do that but I realized I was writing the same code twice for
default web-pages, and customized cgi generated pages. With { } I could not
embed variables, so I changed the { } to " "; and cut my code in half.
puts "
<html>
<head>
<title>Local time: $localTime</title>
</head>
<body>
"

The benefit of variables is that you can use the same code for default page
generation, or customized cgi output pages.

 
 
 

HTML generation was: A more verbose catch?

Post by Donal K. F » Fri, 09 Jun 2006 19:53:36


An interesting approach, though I'd be more inclined to do this:

proc generate_page {} {
emit html {
head {
title "Local time"
}
body {
p "The time is [b [clock format [clock seconds]]]."
}
}
}

OK, it looks more verbose now, but it works *much* better in a complex
page with many more different tags, especially as retargetting to
generating XHTML is now trivial. All you need is suitable definitions of
commands for the various tags in use. And I can use procedures to help
naturally, just as in any old Tcl code. :-)

Donal (definition of a suitable set of HTML generator commands is left
as an exercise).
 
 
 

HTML generation was: A more verbose catch?

Post by Darren Ne » Sat, 10 Jun 2006 01:16:03


Just as an aside, you need to be careful you don't put values into the
variables that came from some type-in box or other user input without
scrubbing them first. Otherwise, people submit a form with javascript in
it, you store it in the database, and future customers coming by
suddenly have things running on their computers they didn't want.

(Similar to SQL injection attacks, basically.)

--
Darren New / San Diego, CA, USA (PST)
My Bath Fu is strong, as I have
studied under the Showerin' Monks.