Tweaked renderer to make escaper methods work in view. Added doRender().

rotexsoft · Apr 26, 2016 · 2fb23ca · 2fb23ca
1 parent a2eb14e
commit 2fb23ca
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 41 deletions.
diff --git a/README.md b/README.md
@@ -163,7 +163,7 @@ INPUT;
         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 
         <style>
-            // CSS escaping is being applied to the variable below
+           <?php // CSS escaping is being applied to the variable below ?>
             <?php echo $this->escapeCss($var_that_should_be_css_escaped); ?>
         </style>
 
@@ -185,15 +185,15 @@ INPUT;
                 <?php echo $this->escapeHtml($var_that_should_be_html_escaped); ?>
             </span>
         </div>
-        
+
         <!-- CSS escaping is being applied to the variable below -->
         <p style="<?php echo $this->escapeCss($another_var_that_should_be_css_escaped); ?>">
             User controlled CSS needs to be properly escaped!
-            
+
             <!-- Url escaping is being applied to the variable below -->
             <a href="http://example.com/?name=<?php echo $this->escapeUrl($var_that_should_be_url_escaped); ?>">Click here!</a>
         </p>
-        
+
         <!-- Javascript escaping is being applied to the variable below -->
         <p onclick="var a_number = <?php echo $this->escapeJs($a_var_that_can_be_safely_js_escaped); ?>; alert(a_number);">
             Javascript escaping the variable in this paragraph's onclick attribute should

diff --git a/src/Renderer.php b/src/Renderer.php
@@ -585,42 +585,6 @@ public function renderToString(
             throw new FileNotFoundException($msg);
         }
 
-        ////////////////////////////////////////////////////////////////////////
-        ////////////////////////////////////////////////////////////////////////
-        ////
-        //// Deliberately not specifying parameters in the anonymous function's 
-        //// definition signature below in order to avoid having any explicit 
-        //// variable(s) defined inside the anonymous function. Rather, the 
-        //// parameters are being accessed via func_get_arg() and not even 
-        //// assigned to any local variable(s) inside the function.
-        ////
-        //// This way we need not worry about any variable(s) being overwritten
-        //// inside the anonymous function when extract(..) is called within the 
-        //// anonymous function.
-        ////  
-        ////////////////////////////////////////////////////////////////////////
-        ////////////////////////////////////////////////////////////////////////
-        $render_view = function()
-        {
-            //func_get_arg(0): the name of the file to be included whose output 
-            //                 is to be captured and returned
-
-            //func_get_arg(1): the data array from which to extract variables
-
-            //Extract variables from the data array which may be needed in the
-            //view file to be included below.
-            extract(func_get_arg(1));
-
-            // Capture the view output
-            ob_start();
-
-            // Load the view within the current scope
-            include func_get_arg(0);
-
-            // Get the captured output and close the buffer
-            return ob_get_clean();
-        };
-
         $merged_data = array_merge($this->data, $data);
 
         //escape data
@@ -633,9 +597,46 @@ public function renderToString(
                     array_merge($this->data_vars_2_js_escape, $data_vars_2_js_escape)
                 );
 
-        return $render_view($located_file, $merged_data);
+        return $this->doRender($located_file, $merged_data);
     }
 
+    protected function doRender(){
+
+        ////////////////////////////////////////////////////////////////////////
+        ////////////////////////////////////////////////////////////////////////
+        ////
+        //// Deliberately not specifying parameters in this function's 
+        //// signature in order to avoid having any explicit variable(s) 
+        //// defined inside the anonymous function. Rather, the parameters
+        //// are being accessed via func_get_arg() and not even assigned
+        //// to any local variable(s) inside the function.
+        ////
+        //// This way we need not worry about any variable(s) being overwritten
+        //// inside the function when extract(..) is called within the function.
+        ////  
+        ////////////////////////////////////////////////////////////////////////
+        ////////////////////////////////////////////////////////////////////////
+
+        //func_get_arg(0): the name of the file to be included whose output 
+        //                 is to be captured and returned
+
+        //func_get_arg(1): the data array from which to extract variables
+
+        //Extract variables from the data array which may be needed in the
+        //view file to be included below.
+        extract(func_get_arg(1));
+
+        // Capture the view output
+        ob_start();
+
+        // Load the view within the current scope
+        include func_get_arg(0);
+
+        // Get the captured output and close the buffer
+        return ob_get_clean();
+    }
+
+
     /**
      * 
      * Alias to $this->renderToString(..)