crocodile2u/safer-blitz

Thursday, February 1, 2018
by crocodile2u
Repository
1 Watchers
0 Stars
9 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
4 Versions
0 % Grown

The README.md

safer-blitz

A small extension to Blitz template engine, adding template inheritance and auto-escaping., _(*1)

Template inheritance

article.tpl:, _(*2)

<article>text</article>

layout.tpl:, _(*3)

<header/>
{{ raw(content) }}
<footer/>

PHP code:, _(*4)

$view = new View("article.tpl");
$view->extend("layout.tpl");
echo $view->parse();

The output:, _(*5)

<header/>
<article>text</article>
<footer/>

Auto-escaping

Initialize view:, _(*6)

$view = new \SaferBlitz\View;

In template:, _(*7)

{{ $some_variable }}

In controller:, _(*8)

$view->set(["some_variable" => "some nasty XSS attempt: \"><script>alert(\"XSS\");</script>"]);
$view->display();

Result:, _(*9)

some nasty XSS attempt: &quot;&gt;&lt;script&gt;alert(&quot;XSS&quot;);&lt;/script&gt;

To output variable unescaped, use raw($var) template API:, _(*10)

{{ raw($trusted_variable) }}

If anyone appears to be interested in this project, I will probably add proper escape methods to escape attributes, CSS, JS. For now, this is out of my personal scope of use though., _(*11)

The Versions

01/02 2018

dev-master

9999999-dev

Sources Download

The Requires

ext-blitz *

The Development Requires

phpunit/phpunit ^6.5

01/02 2018

1.1.1

1.1.1.0

Sources Download

The Requires

ext-blitz *

The Development Requires

phpunit/phpunit ^6.5

31/01 2018

1.1

1.1.0.0

Sources Download

The Requires

ext-blitz *

The Development Requires

phpunit/phpunit ^6.5

22/12 2016

v1.0.0

1.0.0.0

Sources Download

The Requires

ext-blitz *

library safer-blitz

crocodile2u/safer-blitz

The README.md

safer-blitz

Template inheritance

Auto-escaping

The Versions

dev-master

The Requires

The Development Requires

1.1.1

The Requires

The Development Requires

1.1

The Requires

The Development Requires

v1.0.0

The Requires