SurveyFactory Documentation Documentation Create a template
Create a template


It is important to never eval any form input value. For instance, you may at first think that in order to be able to use Template-Toolkit within a text field default, you would therefore need to evaluate the question.answer.f_value parameter. This is dangerous, however, as users could then enter arbitrary Template-Toolkit code into your survey and have it executed. Instead, the proper thing to do is compare the f_value to the default, and if it is the same, you can eval the default and use that. Here is some sample code for how you can enable Template Toolkit in the default value for a Single Text Field question type:

Calling evalDefault() as:

tfValue = evalDefault(question.answer.default, question.answer.f_value);

is equivalent to:

tfValue = question.answer.f_value;
tfDefault = question.answer.default | escapeHTML;
IF tfDefault != '' && tfDefault == safeValue;
  tfValue = question.answer.default | eval | escapeHTML;

You can then use this value in your template, such as:

[% IF question.answer.type == 'textarea'; %]
  <textarea name="[% question.answer.f_name %]">[% tfValue %]</textarea>
[% ELSE; %]
  <input type="text" name="[% question.answer.f_name %]" value="[% tfValue %]" />
[% END; %]