Документ взят из кэша поисковой машины. Адрес оригинального документа : http://dualopt1.cmm.msu.ru/bin/view/TWiki/VarURLPARAM?rev=6;skin=kubrick.nat%2Cnat%2C%20pattern;sortcol=2;table=1;up=0
Дата изменения: Unknown
Дата индексирования: Mon Apr 11 01:56:29 2016
Кодировка:
VarURLPARAM - TWiki - TWiki
Welcome, Registration, and other StartingPoints; TWiki history & Wiki style; All the docs...

URLPARAM{"name"} -- get value of a URL parameter

  • Returns the value of a URL parameter.
  • Syntax: %URLPARAM{"name"}%
  • Supported parameters:
    Parameter: Description: Default:Sorted ascending
    encode="safe" Encode special characters into HTML entities to avoid XSS exploits: "<", ">", "%", single quote (') and double quote (") (this is the default)
    separator=", " Separator between multiple selections. Only relevant if multiple is specified "\n" (new line)
    default="..." Default value in case parameter is empty or missing empty string
    encode="off" Turn off encoding. See important security note below encode="safe"
    encode="entity" Encode special characters into HTML entities. See ENCODE for more details. encode="safe"
    encode="url" Encode special characters for URL parameter use, like a double quote into %22 encode="safe"
    encode="quote" Escape double quotes with backslashes (\"), does not change other characters; required when feeding URL parameters into other TWiki variables encode="safe"
    multiple="on"
    multiple="[[$item]]"
    If set, gets all selected elements of a <select multiple="multiple"> tag. A format can be specified, with $item indicating the element, e.g. multiple="Option: $item" first element
    newline="<br />" Convert newlines in textarea to other delimiters no conversion
    "name" The name of a URL parameter required
  • Example: %URLPARAM{"skin"}% returns print for a .../view/TWiki/VarURLPARAM?skin=print URL
  • ALERT! Notes:
    • IMPORTANT: There is a risk that this variable can be misused for cross-site scripting (XSS) if the encoding is turned off. The encode="safe" is the default, it provides a safe middle ground. The encode="entity" is more aggressive, but some TWiki applications might not work.
    • URL parameters passed into HTML form fields must be entity ENCODEd.
      Example: <input type="text" name="address" value="%URLPARAM{ "address" encode="entity" }%" />
    • Double quotes in URL parameters must be escaped when passed into other TWiki variables.
      Example: %SEARCH{ "%URLPARAM{ "search" encode="quotes" }%" noheader="on" }%
    • When used in a template topic, this variable will be expanded when the template is used to create a new topic. See TWikiTemplates#TemplateTopicsVars for details.
    • Watch out for TWiki internal parameters, such as rev, skin, template, topic, web; they have a special meaning in TWiki. Common parameters and view script specific parameters are documented at TWikiScripts.
    • If you have %URLPARAM{ in the value of a URL parameter, it will be modified to %<nop>URLPARAM{. This is to prevent an infinite loop during expansion.
  • Related: ENCODE, SEARCH, FormattedSearch, QUERYSTRING
r6 - 2009-02-23 - 06:12:52 - TWikiContributor
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.VarURLPARAM
Syndicate this site RSSATOM