Mercurial > urweb
view tests/urblog.ur @ 1710:540df112ff62
Remove string-valued style attribute, which may allow injection attacks
| author | Adam Chlipala <adam@chlipala.net> |
|---|---|
| date | Sun, 15 Apr 2012 12:40:53 -0400 |
| parents | 19e8e3d556d6 |
| children |
line wrap: on
line source
table entry : { Id : int, Title : string, Created : time, Author : string, Body : string } PRIMARY KEY Id fun list () = rows <- queryX (SELECT * FROM entry) (fn row => <xml> <div> <h1>{[row.Entry.Title]}</h1><br /> <h2>By {[row.Entry.Author]} at {[row.Entry.Created]}</h2> <p>{[row.Entry.Body]}</p> </div> </xml> ); return <xml> <head> <title>All Entries</title> </head> <body> <h1>All Entries</h1> {rows} </body> </xml> fun main () = return <xml> <head> <title>UrBlog</title> </head> <body> <h1>UrBlog</h1> </body> </xml>