k1low/escape

Auto escaping plugin for CakePHP

Fund package maintenance!
k1LoW

Installs: 10 763

Dependents: 1

Suggesters: 0

Security: 0

Stars: 8

Watchers: 2

Forks: 2

Open Issues: 0

Type:cakephp-plugin

2.0.0 2014-03-18 09:47 UTC

This package is auto-updated.

Last update: 2024-12-06 08:39:33 UTC


README

Requirements

  • PHP >= 5.2.6
  • CakePHP >= 2.0

Installation

First, put `escape’ directory on app/plugins in your CakePHP application.

Second, add the following code in app_controller.php

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape');
    }

Escape type

use htmlspecialchars() and html_entity_decode()

Escape / decode valiables.

  • `d()' decode escaped valiables.

app_controller.php example

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape');
    }

view.ctp example

<?php echo $escaped; // echo escaped value; ?>
<?php echo d($escaped); // echo decode value; ?>  

create object and set escaped/raw value

app_controller.php example

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape' => array('objectEscape' => true));
    }

view.ctp example

<?php echo $escaped; // echo escaped value; ?>
<?php echo $escaped->raw; // echo raw value; ?>  

$this->data escape

If you do not escape $this->data, add the following code in app_controller.php.

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape' => array('formDataEscape' => false));
    }

TODO

  • Auto Decoding in FormHelper::input()