PHP - security etc
Aaron Trevena
aaron.trevena at gmail.com
Thu Mar 8 19:40:42 GMT 2007
On 07/03/07, Paul Makepeace <paulm at paulm.com> wrote:
> The conclusion I got from
> reading between lines on catalyst, templates, and london.pm is that
> Perl just doesn't have decent HTML+template+escaping yet either.
Depends what you want - if you only want to allow what you consider
safe html, then it *is* trivial in TT, just pass a filtering sub to TT
constructor, or use the HTML filter.
my $t = Template->new({ .... , FILTERS => { safe_html =>
\&my_escape_function } });
and hey presto :
[% foo.user_entered_text | html %]
or
[% foo.user_entered_html | safe_html %] or
Works for me - I'm using something like this to escape data for LaTeX.
A.
--
http://www.aarontrevena.co.uk
LAMP System Integration, Development and Hosting
More information about the london.pm
mailing list