Replacing Single Quote


John Lester Corrales

Sep 27, 2022, 2:37:43 AM
to Orbeon Forms
Please see below code snippet:

    <xh:div class="completing-dr-field">
        <xf:input bind="given-name-bind">
            <xf:label ref="instance('fr-form-resources')/resource/eds-completing-doctor/given-name/label"/>
            <xf:hint ref="instance('fr-form-resources')/resource/eds-completing-doctor/given-name/hint"/>
            <xf:alert ref="instance('fr-form-resources')/resource/eds-completing-doctor/given-name/alert" validation="given-name-validation"/>
            <xf:action ev:event="xforms-value-changed">
                <xf:setvalue
                    ref="instance()/given-name"
                    value="$binding/given-name"/>
            </xf:action>
            <xf:action ev:event="xforms-value-changed" if="not(xxf:instance('fr-form-instance')/completing-dr/given-name)">
                <xf:insert
                    context="xxf:instance('fr-form-instance')/completing-dr"
                    origin="instance()/given-name"/>
            </xf:action>
            <xf:action ev:event="xforms-value-changed" if="xxf:instance('fr-form-instance')/completing-dr/given-name">
                <xf:setvalue
                    ref="xxf:instance('fr-form-instance')/completing-dr/given-name"
                    value="instance()/given-name"/>
            </xf:action>
        </xf:input>
    </xh:div>

When setting the value, if the user inputs a single quote, is there a way we can sanitize/replace the single quote?

Alessandro Vernet

Sep 27, 2022, 8:34:22 PM
to orb...@googlegroups.com
Hi John,

If you'd like to remove single quotes from all user input, e.g. to prevent SQL injections, you can use the input sanitation property, as follows:

    <property as="xs:string" name="oxf.xforms.sanitize">
        {
            "'": ""
        }
    </property>

If you'd like to do it just for a specific field, you can do it with a `xf:bind calculate="translate(., '''', '')"`. Would one of those 2 techniques work for you?

-Alex
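
An added example, not part of the original thread and not Orbeon code: a Python sketch of what the field-level `translate(., '''', '')` and a sanitize map shaped like the one above do to a value, next to a parameterized insert at the database layer, which stores a quoted name intact as data. It goes beyond the thread by covering the data layer; the table `completing_dr`, the helper names and the sample name are constructed for illustration, and the sanitize map is assumed to behave as plain substring replacement.

```python
import sqlite3


def xpath_translate(value: str, from_chars: str, to_chars: str) -> str:
    """Emulate XPath translate(): each character of from_chars maps to the
    character at the same position in to_chars; characters with no
    counterpart are removed from the value."""
    table = {}
    for i, ch in enumerate(from_chars):
        if ord(ch) not in table:  # first occurrence wins, as in XPath
            table[ord(ch)] = to_chars[i] if i < len(to_chars) else None
    return value.translate(table)


def sanitize(value: str, mapping: dict) -> str:
    """Apply a replacement map shaped like the sanitize JSON in the thread
    (assumption: plain substring replacement)."""
    for needle, replacement in mapping.items():
        value = value.replace(needle, replacement)
    return value


def store_given_name(conn: sqlite3.Connection, given_name: str) -> str:
    """Insert with a bound parameter, then read the stored value back."""
    # The value travels as data, so a quote in it is never parsed as SQL.
    conn.execute("INSERT INTO completing_dr (given_name) VALUES (?)", (given_name,))
    row = conn.execute(
        "SELECT given_name FROM completing_dr ORDER BY rowid DESC LIMIT 1"
    ).fetchone()
    return row[0]


def demo():
    conn = sqlite3.connect(":memory:")  # constructed, throwaway database
    conn.execute("CREATE TABLE completing_dr (given_name TEXT)")
    raw = "D'Arcy"  # constructed sample input
    return (
        xpath_translate(raw, "'", ""),  # what the xf:bind calculate yields
        sanitize(raw, {"'": ""}),       # what the global property yields
        store_given_name(conn, raw),    # bound parameter keeps the quote
    )


if __name__ == "__main__":
    print(demo())
```

Stripping the quote in the form changes a legitimate name, while the bound parameter stores it unchanged, so the form-side rule is best treated as input shaping rather than as the only SQL injection control.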


John Lester Corrales

Sep 27, 2022, 10:55:21 PM
to Orbeon Forms
Hi Alex,

Good day.

I tried to add the `xf:bind calculate="translate(., '''', '')"` in the xf:bind (see below), but what happens is it becomes disabled. This one is under xf:model. See below:

    <xf:bind id="given-name-bind" ref="$binding/given-name" calculate="translate(., '''', '')">
        <xf:required id="given-name-validation" value="xxf:is-control-required('im-eds-completing-doctor')"/>
    </xf:bind>
    <xf:bind id="family-name-bind" ref="$binding/family-name">
        <xf:required id="family-name-validation" value="xxf:is-control-required('im-eds-completing-doctor')"/>
    </xf:bind>
    <xf:bind id="provider-number-bind" ref="$binding/provider-no">
        <xf:required id="provider-number-validation" value="xxf:is-control-required('im-eds-completing-doctor')"/>
    </xf:bind>

John Lester Corrales

Sep 27, 2022, 10:55:56 PM
to Orbeon Forms
Actually, sanitize is working for me, but I want to implement it only in 1 particular field.

John Lester Corrales

Sep 27, 2022, 10:59:17 PM
to Orbeon Forms
I am attaching here the whole xbl file for your perusal
eds-completing-doctor.xml

Alessandro Vernet

Sep 28, 2022, 5:46:39 PM
to orb...@googlegroups.com
Hi John,

In XForms, by default, having a `calculate` implies read-only, because in general that is what you want. But you can override this by adding `readonly="false()"`. You'll let me know if this solves the problem in this case.

-Alex

John Lester Corrales

Sep 28, 2022, 7:51:32 PM
to Orbeon Forms
Hi Alex,

Thanks! Now it's working.

-Lester

Alessandro Vernet

Sep 29, 2022, 12:28:04 AM
to orb...@googlegroups.com
Perfect! 👍

-Alex
