On Tue, 14 May 2013 09:45:05 -0700, Chris Steipp <csteipp(a)wikimedia.org>
wrote:
On Tue, May 14, 2013 at 2:34 AM, Antoine Musso
<hashar+wmf(a)free.fr>
Another template engine is Twig. It is used by
the Silex micro engine
(based on Symfony2). See:
http://twig.sensiolabs.org/
Examples:
{{ foobar }} # not escaped
{{ unsafevar|escaped }} # yeah protection!
You can iterate:
<ul id="users">
{% for user in users %}
<li><a href="{{ user.href }}">{{ users.name
}}</a></li>
{% endfor %}
I'll actually admit this is one reason why templating makes me
nervous. DOM text, attribute values, and urls all need different
validation and escaping, so you can't just look at the template and
make sure everything has |e, nor can you look at the PHP and see that
everything is escaped before being passed to the template. And looking
at both and making sure that each variable in the output has been
correctly escaped for the html context in the PHP is a lot more work
than just seeing $output .= Html::element( ... ).
Same here. This is actually why along for my skin rewrite plans the
template system I was working on for it is context sensitive. I've
contemplated now and then about the idea of tweaking that idea so a
similar context sensitive template system could be used in general code.
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [