What is Smarty?
Why use it?
Use Cases and Work Flow
Syntax Comparison
Template Inheritance
Best Practices
Crash Course
What is Smarty?
Why use it?
Use Cases and Work Flow
Syntax Comparison
Template Inheritance
Best Practices
Crash Course
Quick Install
Documentation
Discussion
Mailing Lists
Github
Example App
www.phpinsider.com
Smarty Icon
You may use the Smarty logo according to the trademark notice.
For sponsorship, advertising, news or other inquiries, contact us at:
Sites Using Smarty
Advertisement
escape is used to encode or escape a variable to for example html,
url, single quotes,
hex, hexentity,
javascript and mail.
By default its html.
| Parameter Position | Type | Required | Possible Values | Default | Description |
|---|---|---|---|---|---|
| 1 | string | No |
html, htmlall,
url,
urlpathinfo, quotes,
hex, hexentity,
javascript, mail
|
html |
This is the escape format to use. |
| 2 | string | No |
ISO-8859-1, UTF-8,
and any character set supported by
htmlentities()
|
ISO-8859-1 |
The character set encoding passed to htmlentities() et. al. |
Example 5.10. escape
<?php
$smarty->assign('articleTitle',
"'Stiff Opposition Expected to Casketless Funeral Plan'"
);
$smarty->assign('EmailAddress','smarty@example.com');
?>
These are example escape template lines followed by the output
{$articleTitle}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape:'html'} {* escapes & " ' < > *}
'Stiff Opposition Expected to Casketless Funeral Plan'
{$articleTitle|escape:'htmlall'} {* escapes ALL html entities *}
'Stiff Opposition Expected to Casketless Funeral Plan'
<a href="?title={$articleTitle|escape:'url'}">click here</a>
<a
href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a>
{$articleTitle|escape:'quotes'}
\'Stiff Opposition Expected to Casketless Funeral Plan\'
<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a>
{$EmailAddress|escape:'mail'} {* this converts to email to text *}
<a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a>
{'mail@example.com'|escape:'mail'}
smarty [AT] example [DOT] com
Example 5.11. Other examples
PHP functions can be used as modifiers,
$security permitting.
{* the "rewind" paramater registers the current location *}
<a href="{$SCRIPT_NAME}?page=foo&rewind={$smarty.server.REQUEST_URI|urlencode}">click here</a>
This snippet is useful for emails, but see also
{mailto}
{* email address mangled *}
<a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a>
See also
escaping smarty parsing,
{mailto}
and the
obfuscating email addresses page.