diff options
Diffstat (limited to 'vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md')
-rw-r--r-- | vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md | 98 |
1 files changed, 51 insertions, 47 deletions
diff --git a/vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md b/vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md index 37c71dde9..6fd5dd2b4 100644 --- a/vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md +++ b/vendor/smarty/smarty/docs/designers/language-modifiers/language-modifier-escape.md @@ -1,74 +1,78 @@ -escape {#language.modifier.escape} -====== +# escape `escape` is used to encode or escape a variable to `html`, `url`, `single quotes`, `hex`, `hexentity`, `javascript` and `mail`. By default its `html`. - Parameter Position Type Required Possible Values Default Description - -------------------- --------- ---------- ------------------------------------------------------------------------------------------------------------ --------- ------------------------------------------------------------------------------------- - 1 string No `html`, `htmlall`, `url`, `urlpathinfo`, `quotes`, `hex`, `hexentity`, `javascript`, `mail` `html` This is the escape format to use. - 2 string No `ISO-8859-1`, `UTF-8`, and any character set supported by [`htmlentities()`](&url.php-manual;htmlentities) `UTF-8` The character set encoding passed to htmlentities() et. al. - 3 boolean No FALSE TRUE Double encode entites from & to &amp; (applys to `html` and `htmlall` only) +## Basic usage +```smarty +{$myVar|escape} +``` +## Parameters - <?php +| Parameter Position | Type | Required | Possible Values | Default | Description | +|--------------------|---------|----------|----------------------------------------------------------------------------------------------------------------|---------|--------------------------------------------------------------------------------------| +| 1 | string | No | `html`, `htmlall`, `url`, `urlpathinfo`, `quotes`, `hex`, `hexentity`, `javascript`, `mail` | `html` | This is the escape format to use. | +| 2 | string | No | `ISO-8859-1`, `UTF-8`, and any character set supported by [`htmlentities()`](https://www.php.net/htmlentities) | `UTF-8` | The character set encoding passed to htmlentities() et. al. | +| 3 | boolean | No | FALSE | TRUE | Double encode entities from & to &amp; (applies to `html` and `htmlall` only) | - $smarty->assign('articleTitle', - "'Stiff Opposition Expected to Casketless Funeral Plan'" - ); - $smarty->assign('EmailAddress','smarty@example.com'); - ?> +## Examples - - -These are example `escape` template lines followed by the output +```php +<?php +$smarty->assign('articleTitle', + "'Stiff Opposition Expected to Casketless Funeral Plan'" + ); +$smarty->assign('EmailAddress','smarty@example.com'); - {$articleTitle} - 'Stiff Opposition Expected to Casketless Funeral Plan' +``` + - {$articleTitle|escape} - 'Stiff Opposition Expected to Casketless Funeral Plan' +These are example `escape` template lines followed by the output - {$articleTitle|escape:'html'} {* escapes & " ' < > *} - 'Stiff Opposition Expected to Casketless Funeral Plan' +```smarty +{$articleTitle} +'Stiff Opposition Expected to Casketless Funeral Plan' - {$articleTitle|escape:'htmlall'} {* escapes ALL html entities *} - 'Stiff Opposition Expected to Casketless Funeral Plan' +{$articleTitle|escape} +'Stiff Opposition Expected to Casketless Funeral Plan' - <a href="?title={$articleTitle|escape:'url'}">click here</a> - <a - href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a> +{$articleTitle|escape:'html'} {* escapes & " ' < > *} +'Stiff Opposition Expected to Casketless Funeral Plan' - {$articleTitle|escape:'quotes'} - \'Stiff Opposition Expected to Casketless Funeral Plan\' +{$articleTitle|escape:'htmlall'} {* escapes ALL html entities *} +'Stiff Opposition Expected to Casketless Funeral Plan' - <a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a> - {$EmailAddress|escape:'mail'} {* this converts to email to text *} - <a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a> +<a href="?title={$articleTitle|escape:'url'}">click here</a> +<a +href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a> - {'mail@example.com'|escape:'mail'} - smarty [AT] example [DOT] com +{$articleTitle|escape:'quotes'} +\'Stiff Opposition Expected to Casketless Funeral Plan\' - +<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a> +{$EmailAddress|escape:'mail'} {* this converts to email to text *} +<a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a> +{'mail@example.com'|escape:'mail'} +smarty [AT] example [DOT] com - {* the "rewind" parameter registers the current location *} - <a href="$my_path?page=foo&rewind=$my_uri|urlencode}">click here</a> +{* the "rewind" parameter registers the current location *} +<a href="$my_path?page=foo&rewind={$my_uri|escape:url}">click here</a> - +``` This snippet is useful for emails, but see also -[`{mailto}`](#language.function.mailto) - +[`{mailto}`](../language-custom-functions/language-function-mailto.md) - {* email address mangled *} - <a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a> - - +```smarty +{* email address mangled *} +<a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a> +``` -See also [escaping smarty parsing](#language.escaping), -[`{mailto}`](#language.function.mailto) and the [obfuscating email -addresses](#tips.obfuscating.email) page. +See also [escaping smarty parsing](../language-basic-syntax/language-escaping.md), +[`{mailto}`](../language-custom-functions/language-function-mailto.md) and the [obfuscating email +addresses](../../appendixes/tips.md#obfuscating-e-mail-addresses) page. |