Variable autoescape in Smarty templates - smarty

I have recently found out that Smarty, differently from Django template engine, does not escape variables automatically and I need to put |escape next to most of the variables in my templates.
Following the docs, http://www.smarty.net/docsv2/en/variable.default.modifiers.tpl I need to set default modifiers, needn't I?
So, here's my code:
$smarty = new Smarty();
$smarty->default_modifiers = array('escape:"htmlall"');
... and still variables ARE NOT escaped until I add |escape next to them.
What am I doing wrong?

If you are on Smarty 3, try this:
$smarty = new Smarty();
$smarty->loadFilter(Smarty::FILTER_VARIABLE, "htmlentities");
Tadà!
Update: Smarty::FILTER_VARIABLE is undocumented as of 28/11/2014. Use $smarty->escape_html = true if you want to stick to offical docs.

It appears that this feature was removed from Smarty v3, and docs are outdated. See:
http://www.smarty.net/forums/viewtopic.php?p=62207
I'd recommend a workaround - which is template level. Either create a new style v3 function to take care of filtration, or, do a simple include.
Include method
Put this in a clean.tpl file:
{$text|escape:htmlall}
Then invoke as {include file=clean.tpl text=$myvariabletofilter}
Function method
The new functions in Smarty could also take care of that:
{function clean}
{$text|escape:htmlall}
{/function}
And invoke as {clean text=$myvariabletofilter}
As always, make sure that these things get trimmed right and don't insert unncessary spaces.

Related

Get {{.Host}} inside a range loop - Caddy server browse template

So I can use {{.Host}} just fine in the template file, but once inside a {{range .Items}} loop it doesn't work since it's trying to get the .Host from the .Items (array?)thing..
I get this as an error
template: listing:41:46: executing "listing" at <.Host>: can't evaluate field Host in type browse.FileInfo
I've never used Go before, I've tried reading the text template documentation page but it's all rather confusing.
ooooh, nevermind guys, I knew it was a simple fix.
{{$.Host}}
Just add the $, then you'll be using the global context again, instead of the context inside of the range loop.
Source, thanks HUGO for the clear documentation.
{{range}} changes the pipeline (the dot, .) to the current Items. You can use {{$.Host}} which will refer to the "top-level" Host.
{{$.Host}}
golang template.

Is it possible to dynamically inject templates in Sinatra

I've got some (well, actually a whole lot) inline templates that all look alike that I'd rather not hard code. Is it possible to inject them dynamically somehow?
For example instead of:
__END__
##view1
==slim :defaultview
##view2
==slim :defaultview
...
I'd like to do something like...
%w[view1 view2].map{|v| templates[v] = "==slim :defaultview"} #templates would be Sinatra's internal template cache
Use named templates:
%w[view1 view2].map(&:to_sym)
.each do |v|
template v do
"==slim :defaultview"
end
end
If that's all each template does though, then I'm not sure why you'd create a template to wrap around the partial?

Proper method to access Play! cache in Scala templates?

I'm running a Play! app using Scala templates. However, I can't find an elegant method to access the Cache in an elegant (or valid) way inside of html templates.
I've tried everything like:
<some html>#play.cache.Cache.get(play.session.getId() + "-account")</some html>
But no luck. Thanks for the proper way to do this!
I found the methodology buried in the old 0.9 Scala documentation. For the time being it's not super-easy but it's 3min do-able. It requires adding a parameter to the controller and template like so:
In your controller, pass session as a parameter
object Application extends Controller {
import views.Application._
def index = {
html.index(session)
}
}
At the top of your template, define the implicit variable:
#(implicit session:play.mvc.Scope.Session)
Inside the template html, access it like so:
#(play.cache.Cache.get(session.getId() + "-account"))

render individual file in middleman

I am writing a helper and I need to get a rendered file as String.
I see that the method that I need exists in the middleman's library: http://rubydoc.info/github/middleman/middleman/Middleman/CoreExtensions/Rendering/InstanceMethods#render_individual_file-instance_method
How do I call this function from my helper class?
I tried:
require "middleman-core/lib/middleman-core/core_extensions/rendering.rb"
...
puts Middleman::CoreExtensions::Rendering::InstanceMethods.render_individual_file(filepath)
But it does not seem to find the file, any idea?
I'm not sure 3.0 beta is quite ready for primetime.
That said, it does sound like the partial method is what you're looking for.
Unless I'm missing something, the Middleman method seems like an overly-complex solution. For one of my sites I wanted to load entire text files into my templates, so I wrote this helper:
# Shortcut for loading raw text files. Obviously assumes that given file is in a valid format.
# #return [String] File contents
def load_textfile(filename)
File.read filename.to_s
end
Also, you should clarify if you are intending to use this within a template, or within Ruby code. It's not clear to me based on your question.
Here is an example of how one would use above helper:
Currently of note, Middleman is in the process of transitioning to version 4, and the conventions for loading helpers will change. The most straightforward way to define a helper is within a helper block in your config.rb file, as follows:
helpers do
# Define helper functions here to make them available in templates
end
I use Slim for templating. It really is the best. In slim you would appply helper as thus:
= load_textfile 'path'
p You can embed helper output in your page with interpolation, too: #{load_textfile 'path'}

smarty template engine

I have an webpage written using php but now need to convert them to smarty template engine.
I am rookie to smarty template engine.I find it difficult of smarty.net document.Is there any book or site from where i can learn smarty.
I need a small snippet for insert function.
I think the smarty.net documentation is the very best point to start using Smarty Template Engine.
Most tutorials are based on the documentation I think.
For a very quick start you just have to require the Smarty base class:
// Require base class
require_once('Smarty.class.php');
// create new Smarty instance
$smarty = new Smarty();
// define Smarty directories
$smarty->template_dir = '/web/www.example.com/guestbook/templates/';
$smarty->compile_dir = '/web/www.example.com/guestbook/templates_c/';
$smarty->config_dir = '/web/www.example.com/guestbook/configs/';
$smarty->cache_dir = '/web/www.example.com/guestbook/cache/';
// define a template variable, which will be shown in your template
$smarty->assign('greeting', 'Hello World!');
// force your php script to show your template file
$smarty->display('template.html');
Thats everything you need in your PHP file.
In the default configuration of Smarty you can show your template variable greeting by using
My greeting message: {$greeting}
If you open your PHP File via a browser you will see: My greeting message: Hello World!
For further information you really should read the official Smarty documentation!

Resources