Skip navigation.

exploreopera

| Help

Sign up | Help

Hello World

Practical programming... and stuff...

How to automatically escape template variables in Zend_View

Saturday, 10. November 2007, 08:21:44

,

Escaping any data which comes from the server is important to escape, as it prevents XSS amongst other things.

The Zend Framework view component Zend_View let’s you escape template variables with $this->escape($this->variableName), but it doesn’t escape them by default. Wouldn’t it be much nicer if it did that by default, or at least provided you with a variable to turn it on/off?

Let’s find out how to do that!

Read the rest of the post at codeutopia.net

Summing up Smarty and Zend ViewHow to improve your JavaScript

Write a comment

Comment
(BBcode and HTML is turned off for anonymous user comments.)

Please type this security code : 6c9b6b

Smilies

Me

CodeUtopia blog

  • Zend Framework components as separate zips from th ...

    Did you ever want to use just a single component from Zend Framework, but couldn’t figure out which files you needed? Well, here’s a solution: Zend Framework packageizer script! Just pick the class you want, and you’ll get it and all its dependencies in a nice zip file for you to consume. Wann ...

  • Making a PDF generator class using Zend_Pdf

    There are some expensive libraries that you can use to generate PDF files… but why bother with them, when there are good free alternatives like Zend_Pdf? In three steps, you can generate a fancy report: Create a PDF template Insert data to template with Zend_Pdf Profit $$$ Since this is a quite ...

  • Let’s Rickroll MTV Europe Music Awards 2008!

    Okay so this is totally off the usual topics I guess, but this is too awesome to let it fail! Rick Astley has somehow managed to get into MTV Europe’s Music Awards 2008 gala in the category Best Act Ever. I suspect /b/ had something to do with this, but… I urge everyone to vote for Rick [...]

  • Windows Remote Desktop + Live FolderShare = Ultima ...

    I’m a frequent user of Windows’ remote desktop feature. It’s a stellar remote control solution: It’s incredibly fast, almost like sitting on the remote PC, and has features like bringing over the clipboard and even sounds from the controlled computer. Much better than VNC, really. VNC is pai ...

  • Sharing authentication over multiple sites / Singl ...

    At The Group, we’re developing some web applications that needed to use the same user database. The applications were originally being developed with separate login for each, but I decided it would be better to share the login code across them. I investigated some ways to achieve sharing a single ...