Last Updated | Ratings | Unique User Downloads | Download Rankings
---|---|---|---
2018-02-06 (12 hours ago) | Not enough user ratings | Total: 49, This week: 2 | All time: 9,084, This week: 296

Version | License | PHP version | Categories
---|---|---|---
safer-blitz 1.0 | MIT/X Consortium ... | 7 | HTML, Templates, PHP 7

Description

This package is a Blitz template engine extension to escape values.
A small extension to the Blitz template engine, adding template inheritance and auto-escaping.

article.tpl:

```
<article>text</article>
```

layout.tpl:

```
<header/>
{{ raw(content) }}
<footer/>
```

PHP code:

```php
// Render article.tpl, then wrap the result in layout.tpl.
$view = new \SaferBlitz\View("article.tpl");
$view->extend("layout.tpl");
echo $view->parse();
```

The output:

```
<header/>
<article>text</article>
<footer/>
```
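Initialize view:

```php
$view = new \SaferBlitz\View;
```

In template:

```
{{ $some_variable }}
```

In controller:

```php
$view->set(["some_variable" => "some nasty XSS attempt: \"><script>alert(\"XSS\");</script>"]);
$view->display();
```

Result (the value is HTML-escaped, so the browser shows it as text instead of running it):

```
some nasty XSS attempt: &quot;&gt;&lt;script&gt;alert(&quot;XSS&quot;);&lt;/script&gt;
```

To output a variable unescaped, use the `raw($var)` template API. It bypasses escaping entirely, so reserve it for markup the application itself produced:

```
{{ raw($trusted_variable) }}
```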
If anyone appears to be interested in this project, I will probably add proper escape methods to escape attributes, CSS, JS. For now, this is out of my personal scope of use though.
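The escape-by-default pattern described above, and the attribute gap the author mentions, sketched in plain PHP without the Blitz extension. This is an added example, not SaferBlitz code: `TrustedHtml`, `render()` and `safeUrl()` are hypothetical names, and the small `{{ name }}` substitution stands in for the real template engine.

```php
<?php
declare(strict_types=1);

// Hypothetical marker for markup the caller vouches for (not SaferBlitz's own class).
final class TrustedHtml
{
    private $html;
    public function __construct(string $html) { $this->html = $html; }
    public function __toString(): string { return $this->html; }
}

// Escape-by-default renderer: every {{ name }} placeholder is HTML-escaped
// unless the bound value was explicitly wrapped in TrustedHtml.
function render(string $template, array $vars): string
{
    return preg_replace_callback('/\{\{\s*(\w+)\s*\}\}/', function (array $m) use ($vars): string {
        $value = $vars[$m[1]] ?? '';
        if ($value instanceof TrustedHtml) {
            return (string) $value;
        }
        // ENT_QUOTES also escapes single quotes, so the value stays inert
        // inside both "..." and '...' quoted attribute values.
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }, $template);
}

// HTML escaping does not validate URL schemes, so href/src values need an
// allow-list check before they reach the template.
function safeUrl(string $url): string
{
    $scheme = parse_url($url, PHP_URL_SCHEME);
    return in_array(strtolower((string) $scheme), ['http', 'https'], true) ? $url : '#';
}

// Constructed sample input, matching the payload used in the README above.
$nasty = 'some nasty XSS attempt: "><script>alert("XSS");</script>';

// Untrusted text: escaped automatically.
echo render("<p>{{ text }}</p>\n", ['text' => $nasty]);
// Markup produced by the application: passed through because it is wrapped.
echo render("{{ block }}\n", ['block' => new TrustedHtml('<article>text</article>')]);
// URL attribute: the scheme check runs first, HTML escaping second.
echo render("<a href=\"{{ link }}\">profile</a>\n", ['link' => safeUrl('javascript:alert(1)')]);
echo render("<a href=\"{{ link }}\">profile</a>\n", ['link' => safeUrl('https://example.com/?a=1&b=2')]);
```

HTML-body escaping alone is not sufficient for unquoted attributes, inline CSS or JavaScript contexts, which is the gap the README notes.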
Files

File | Role | Description
---|---|---
src (1 directory) | |
test (2 files, 1 directory) | |
composer.json | Data | Auxiliary data
composer.lock | Data | Auxiliary data
phpunit.xml | Data | Auxiliary data
README.md | Doc. | Documentation

Files / src / SaferBlitz

File | Role | Description
---|---|---
StringContainer.php | Class | Class source
View.php | Class | Class source

Files / test

File | Role | Description
---|---|---
resources (1 file) | |
bootstrap.php | Aux. | Auxiliary script
ViewTest.php | Class | Class source