escape
escape is used to encode or escape a variable to for example html,
url, single quotes,
hex, hexentity,
javascript and mail.
By default its html.
Example 5-10. escape
<?php
$smarty->assign('articleTitle', "'Stiff Opposition Expected to Casketless Funeral Plan'" ); $smarty->assign('EmailAddress','[email protected]');
?>
|
These are example escape template lines followed by the output
{$articleTitle}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape:'html'} {* escapes & " ' < > *}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape:'htmlall'} {* escapes ALL html entities *}
'Stiff Opposition Expected to Casketless Funeral Plan'
<a href="?title={$articleTitle|escape:'url'}">click here</a>
<a href="?title=%27Stiff+Opposition+Expected+to+Casketless+Funeral+Plan%27">click here</a>
{$articleTitle|escape:'quotes'}
\'Stiff Opposition Expected to Casketless Funeral Plan\'
<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a>
{$EmailAddress|escape:'mail'} {* this converts to email to text *}
<a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a>
{'[email protected]'|escape:'mail'}
smarty [AT] example [DOT] com |
|
Example 5-11. Other examples PHP functions can be used as modifiers,
$security permitting.
{* the "rewind" paramater registers the current location *}
<a href="{$SCRIPT_NAME}?page=foo&rewind={$smarty.server.REQUEST_URI|urlencode}">click here</a> |
This snippet is useful for emails, but see also
{mailto} {* email address mangled *}
<a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a> |
|
See also
escaping smarty parsing,
{mailto}
and the
obfuscating email addresses page.