e544ed6d9a
Comparing changes: https://github.com/smarty-php/smarty/compare/v4.3.1...v4.4.1 It is noticeable that Smarty 4.3.1 does not officially support PHP 8.3. Is only supported with 4.4.0. Remark: During tests with Smarty 4.5.1, it was noticed that the following warning occurs: Deprecated: Using the unregistered function "function_exists" in a template is deprecated and will be removed in a future version. Use Smarty::registerPlugin to explicitly register a custom modifier. As of Smarty 5.X.X, templates must be revised again. The Smarty release 5.0.2 is already officially available. However, integration into FlatPress is not entirely trivial.
79 lines
3.3 KiB
Markdown
79 lines
3.3 KiB
Markdown
# escape
|
|
|
|
`escape` is used to encode or escape a variable to `html`, `url`,
|
|
`single quotes`, `hex`, `hexentity`, `javascript` and `mail`. By default
|
|
its `html`.
|
|
|
|
## Basic usage
|
|
```smarty
|
|
{$myVar|escape}
|
|
```
|
|
|
|
## Parameters
|
|
|
|
| Parameter Position | Type | Required | Possible Values | Default | Description |
|
|
|--------------------|---------|----------|----------------------------------------------------------------------------------------------------------------|---------|--------------------------------------------------------------------------------------|
|
|
| 1 | string | No | `html`, `htmlall`, `url`, `urlpathinfo`, `quotes`, `hex`, `hexentity`, `javascript`, `mail` | `html` | This is the escape format to use. |
|
|
| 2 | string | No | `ISO-8859-1`, `UTF-8`, and any character set supported by [`htmlentities()`](https://www.php.net/htmlentities) | `UTF-8` | The character set encoding passed to htmlentities() et. al. |
|
|
| 3 | boolean | No | FALSE | TRUE | Double encode entities from & to & (applies to `html` and `htmlall` only) |
|
|
|
|
|
|
## Examples
|
|
|
|
```php
|
|
<?php
|
|
|
|
$smarty->assign('articleTitle',
|
|
"'Stiff Opposition Expected to Casketless Funeral Plan'"
|
|
);
|
|
$smarty->assign('EmailAddress','smarty@example.com');
|
|
|
|
```
|
|
|
|
|
|
These are example `escape` template lines followed by the output
|
|
|
|
```smarty
|
|
{$articleTitle}
|
|
'Stiff Opposition Expected to Casketless Funeral Plan'
|
|
|
|
{$articleTitle|escape}
|
|
'Stiff Opposition Expected to Casketless Funeral Plan'
|
|
|
|
{$articleTitle|escape:'html'} {* escapes & " ' < > *}
|
|
'Stiff Opposition Expected to Casketless Funeral Plan'
|
|
|
|
{$articleTitle|escape:'htmlall'} {* escapes ALL html entities *}
|
|
'Stiff Opposition Expected to Casketless Funeral Plan'
|
|
|
|
<a href="?title={$articleTitle|escape:'url'}">click here</a>
|
|
<a
|
|
href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a>
|
|
|
|
{$articleTitle|escape:'quotes'}
|
|
\'Stiff Opposition Expected to Casketless Funeral Plan\'
|
|
|
|
<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a>
|
|
{$EmailAddress|escape:'mail'} {* this converts to email to text *}
|
|
<a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a>
|
|
|
|
{'mail@example.com'|escape:'mail'}
|
|
smarty [AT] example [DOT] com
|
|
|
|
{* the "rewind" parameter registers the current location *}
|
|
<a href="$my_path?page=foo&rewind={$my_uri|escape:url}">click here</a>
|
|
|
|
```
|
|
|
|
This snippet is useful for emails, but see also
|
|
[`{mailto}`](../language-custom-functions/language-function-mailto.md)
|
|
|
|
```smarty
|
|
{* email address mangled *}
|
|
<a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a>
|
|
```
|
|
|
|
See also [escaping smarty parsing](../language-basic-syntax/language-escaping.md),
|
|
[`{mailto}`](../language-custom-functions/language-function-mailto.md) and the [obfuscating email
|
|
addresses](../../appendixes/tips.md#obfuscating-e-mail-addresses) page.
|