tagged / out
Terse output functions for effortless php templating.
1.0.3
2014-06-27 18:56 UTC
This package is not auto-updated.
Last update: 2024-12-17 02:49:03 UTC
README
Motivated by the need to easily construct properly formatted php templates, the out library provides terse output functions for all HTML5 contexts: text, html, script, style and CDATA. It also ensures consistent character encoding by assuming UTF-8 will be used everywhere, and replacing (or removing) all invalid characters with the unicode replacement character, '�'.
example
<?php // blog post submitted by user $userName = '</script> I am an xss attacker'; $postTitle = 'I pwn you <script>pwn(home)</script>'; $postBody = '<p>This html block <em>MUST</em> be well scrubbed or come from a trusted source.</p>'; $customCss = 'background:black;color:white;</style> XSS here'; $cdata = 'Who uses this?'; ?> <!DOCTYPE html> <html> <head> <title><?php out\text(sprintf(_('Blog post: %s'), $postTitle)) ?></title> <style> <?php out\style($customCss) ?> </style> </head> <body> <h1><?php out\text($postTitle) ?></h1> <div id="post-body"> <?php out\html($postBody) ?> </div> <script> initApp(<?php out\script(json_encode($userName))) ?>) </script> <![CDATA[<?php out\cdata($cdata) ?>]]> </body> </html>
install
Add to composer.json from packagist.
composer require tagged/out:*
The out library is included with the composer autoloader.
require 'vendor/autoload.php';
usage
output functions
All output functions write directly to stdout.
Write html-escaped text with out\text
<h1>Hello <?php out\text($name) ?></h1> <img src="<?php out\text($image_url) ?>">
Write raw html with out\html
<div id="content"> <?php out\html($content_html) ?> </div>
Write data into a script block with out\script
<script> var data = <?php out\script(json_encode($data)) ?>; </script>
Write data into a style block with out\style
<style> <?php out\style($css) ?> </style>
Write data into a cdata block with out\cdata
<![CDATA[ <?php out\cdata($character_data) ?> ]]>
string functions
All string functions return the result as a string. Every output function has a corresponding string function.
$encodedName = out\stext($name); $content = out\shtml($content_html); $scriptData = out\sscript(json_encode($data)); $styleData = out\sstyle($css); $cdataData = out\scdata($character_data);
test
phpunit