Smarty

[Preissnbua]

Hi there,
I am quite often working with huge forms which contain pretty much everything you can do with forms (text, textarea, radios, checkboxes, selects etc...) and this is (not only) where SMARTY really rocks.

So after the form has been submitted I check the contents in a PHP-Script, note the errors and - if there are any - display the original form again with comments which errors occured.

Since the already submitted information should not get lost, but displayed again, I always have to assign each value to the form template with

[CirTap]

Hi,
you could easily create this feature if you subclass Smarty:
[php:1:34ba663770]<?php
class Page extends Smarty {
function bulk_assign($good, $bad=array()) {
foreach ($good as $key => $content) {
if (in_array($key, $bad)) continue;
$this->assign($key, $content);
}
}
}

$Page = new Page();
$bad = array('sid', 'ccnumber');
$Page->bulk_assign($_REQUEST, $bad);
// ...
?> [/php:1:34ba663770]

Have fun,
CirTap

[Preissnbua]

Thanks a bunch, CirTap!

I'll surely do that.

Best,
Preissnbua

[messju]

maybe you don't need a custom function:
$smarty->assign() already has this (undocumented) feature:

$smarty->assign($_REQUEST); assigns all elements of $_REQUEST.

the functionality of the $bad-array is missing here, though.

[boots]

@messju: earlier I wrote a reply that would have demonstrated the array assign feature except that I also implemented the array limiting using builtin PHP array functions to limit the request array.

I didn't post it because, unfortunately, when all was said and done it was slower than ClrTap's method--considerably. I suspect that the reason is three-fold:

i) not all PHP array functions are efficient ;
ii) the need for intermediate data structures;
iii) looping the array in PHP is one iteration while passing an array to assign causes a second iteration over the same data whereas ClrTap's method does the filtering and assigning in one iteration.

I do like that undocumented feature, but I like to try to minimize the number of times any single piece of data has to get touched or processed.

Now, in that spirit, considering that Smarty already passes things like _REQUEST to the template, perhaps it would be useful to allow optional limit arrays to be set which would gaurantee that only a subset of the _REQUEST gets mapped into template space. Sort of like a security mode for the super globals. It would be super-cool if it also included default values and validation.

Just a thought

[messju]

@boots: i think the timing of bulk assign depends heavily on the size of $good and $bad.

just for the luxury of boredom and the beauty of hilighted php-code:

(doesn't use assiging an array, not that slow )
[php:1:86763218ba]
function bulk_assign(&$smarty, $vars, $blacklist=array()) {
foreach (array_diff(array_keys($vars), $blacklist) as $name)
$smarty->assign($name, $vars[$name]);
}
[/php:1:86763218ba]

(does use assiging an array, adds creating an array, saves method-calls, slightly faster )
[php:1:86763218ba]
function bulk_assign2(&$smarty, $vars, $blacklist=array()) {
$_assign = array();
foreach (array_diff(array_keys($vars), $blacklist) as $name)
$_assign[$name] = $vars[$name];

$smarty->assign($_assign);
}
[/php:1:86763218ba]

i used count($vars)==10 and count($blacklist)==2 . other values may give different speed-relations.

have fun
messju

[CirTap]

@messju
I once learned to avoid any function calls inside loops, such as
for($=0; $i < count($array), $i++)

In your example [php:1:2cee14eeec] foreach (array_diff(array_keys($vars), $blacklist) as $name) [/php:1:2cee14eeec]
PHP has to reduce the array on each itteration, right?
It's compact, but wouldn't it be "better/faster" doing[php:1:2cee14eeec] $reduced = array_diff(array_keys($vars), $blacklist);
foreach ($reduced as $name) [/php:1:2cee14eeec]
This would "waste" another array but it will be "static" and not constantly be rebuild.
Plz. correct me if I'm wrong. I may have missed something about array handling or foreach here

Just curious.

Have fun,
CirTap

[messju]

@CirTap: foreach is a very special case of loop.

"foreach ($foo as $i)" actually works on a copy of $foo. you can even modify $foo inside the loop (unset/reassign/append values and the like) and stay sure that you iterate over the original values of $foo.

so the array in my example is only built once. the array_keys() does not belong to the loop-condition, it belongs to the loop's initialisation.

[CirTap]

aaahhh.. cewl.
I once had this
...
$keys = array_keys($CATS);
foreach ($keys as $c) {
if (!in_array($c, $g_cats)) {
unset($CATS[$c]); unset($PAGES[$c]);
}
}
...
but I'll adopt your
foreach (array_diff(array_keys($vars), $blacklist) as $name)
for this. It's much better!

Thanx a bunch!

CirTap

PS && off topic: where do I post request regarding the forum here?

EDIT: You're my hero of the day!!
The former contruct spread roughly 15 lines using two foreach() for $PAGES and $CATS, a $found boolean.. really ugly looking and I never liked it. Now its this, with the same result. <g>

[boots]

@messju: that's nearly the exact same function I came up with, but mine did test slower I'll take your word for it on your tests, though.

I have to say, the copy semantics of PHP4 drive me a little bit nuts. Of course, for the less timid, there are some neat tricks using references to get around things like the foreach copy that messju mentions. It does make your code a little less clear though. Still, it is an irritating side-effect of the copy semantics though I understand that changes in PHP5 mitigates those effects.

[CirTap]

[messju]

[andre]

[CirTap]

[JonBoy]

I don't like applications which simply pick off GET or POST information and parrot it back into a web page. Cross-site scripting exploits are the children of such designs.

Even in a parroting situation, I would do some mimimal scrubbing of the data, like wiping all the HTML tags, "de-hexifying" strings like "%20" and making sure whatever characters are left are in the ASCII range of 20 to 126.