Auto escaping plugin for CakePHP
PHP
Switch branches/tags
Nothing to show
Pull request Compare This branch is 3 commits ahead, 9 commits behind 2.0.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
controllers/components
.gitignore
README.md

README.md

Auto escaping plugin for CakePHP

Installation

First, put `escape’ directory on app/plugins in your CakePHP application.

Second, add the following code in app_controller.php

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape');
    }

Escape type

use htmlspecialchars() and html_entity_decode()

Escape / decode valiables.

  • `d()' decode escaped valiables.

app_controller.php example

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape');
    }

view.ctp example

<?php echo $escaped; // echo escaped value; ?>
<?php echo d($escaped); // echo decode value; ?>  

create object and set escaped/raw value

app_controller.php example

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape' => array('objectEscape' => true));
    }

view.ctp example

<?php echo $escaped; // echo escaped value; ?>
<?php echo $escaped->raw; // echo raw value; ?>  

$this->data escape

If you do not escape $this->data, add the following code in app_controller.php.

<?php
    class AppController extends Controller {
        var $components = array('Escape.Escape' => array('formDataEscape' => false));
    }

TODO

  • Auto Decoding in FormHelper::input()