ClearSilver Template Language Discussion

bxxx | 4 Oct 2011 17:21

sanitize all value of Query

Hello,
I would like sanitize (with function html_escape for exemple) all value of query.

How each recursively to a final value ?

thx

__._,_.___

Reply to sender | Reply to group | Reply via web post | Start a New Topic

Messages in this topic (1)

Recent Activity:

Visit Your Group

MARKETPLACE

Stay on top of your group activity without leaving the page you're on - Get the Yahoo! Toolbar now.

Switch to: Text-Only, Daily Digest • Unsubscribe • Terms of Use

__,_._,___

headers

Brandon Long | 6 Oct 2011 00:46

Re: sanitize all value of Query

<?cs def:sanitize(param) ?>
<?cs set:param = html_escape(param) ?>
<?cs each:sub = param ?>
<?cs call:sanitize(sub) ?>
<?cs /each ?>
<?cs /def ?>

<?cs each:param = Query ?>
<?cs call:sanitize(param) ?>
<?cs /each ?>

or something like that. Note, you may be better off just using the
right escaping whenever you use a Query variable instead of trying to
sanitize them all up front. You'd be even better off using the
auto-escaping code that's in the unreleased 0.11 code base in the SVN
tree on code.google.com

Brandon

On Tue, Oct 4, 2011 at 8:21 AM, bxxx <vincebouix <at> yahoo.fr> wrote:
> Hello,
> I would like sanitize (with function html_escape for exemple) all value of query.
>
> How each recursively to a final value ?
>
> thx
>
>
>
>
>
> ------------------------------------
>
> Yahoo! Groups Links
>
>
>
>