|
Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon. |
|
View previous topic :: View next topic |
Author |
Message |
Preissnbua Smarty Rookie
Joined: 31 Aug 2003 Posts: 5 Location: Nürnberg, Germany
|
Posted: Sun Aug 31, 2003 6:06 am Post subject: Assign all POST and/or GET values of variables to template |
|
|
Hi there,
I am quite often working with huge forms which contain pretty much everything you can do with forms (text, textarea, radios, checkboxes, selects etc...) and this is (not only) where SMARTY really rocks.
So after the form has been submitted I check the contents in a PHP-Script, note the errors and - if there are any - display the original form again with comments which errors occured.
Since the already submitted information should not get lost, but displayed again, I always have to assign each value to the form template with
Code: | $smarty->assign('name',$posted_value);
|
As I said - I am working with very long forms and it would be very handy to have a function which one could enable (or simply call) to have all submitted POST and/or GET values automatically assigned to a (form) template. Maybe one could also add the functionality of an array of variables NOT being assigned.
I was thinking of something like this:
Code: | global $HTTP_POST_VARS;
reset ($HTTP_POST_VARS);
while (list ($key, $val) = each ($HTTP_POST_VARS))
{
if(!in_array($key,$exclude_array))
{
$smarty->assign($key,$val);
}
}
|
I have to admit, that I am not a Pro and only started to work with SMARTY recently, so maybe there is already such functionality hidden somewhere. In this case: Sorry - I'll eventually find it
So best whishes and keep up your great work!
Best,
Preissnbua |
|
Back to top |
|
CirTap Smarty Pro
Joined: 04 Jun 2003 Posts: 106
|
Posted: Mon Sep 01, 2003 2:16 am Post subject: |
|
|
Hi,
you could easily create this feature if you subclass Smarty:
[php:1:34ba663770]<?php
class Page extends Smarty {
function bulk_assign($good, $bad=array()) {
foreach ($good as $key => $content) {
if (in_array($key, $bad)) continue;
$this->assign($key, $content);
}
}
}
$Page = new Page();
$bad = array('sid', 'ccnumber');
$Page->bulk_assign($_REQUEST, $bad);
// ...
?> [/php:1:34ba663770]
Have fun,
CirTap |
|
Back to top |
|
Preissnbua Smarty Rookie
Joined: 31 Aug 2003 Posts: 5 Location: Nürnberg, Germany
|
Posted: Mon Sep 01, 2003 7:01 am Post subject: |
|
|
Thanks a bunch, CirTap!
I'll surely do that.
Best,
Preissnbua |
|
Back to top |
|
messju Administrator
Joined: 16 Apr 2003 Posts: 3336 Location: Oldenburg, Germany
|
Posted: Mon Sep 01, 2003 7:39 am Post subject: |
|
|
maybe you don't need a custom function:
$smarty->assign() already has this (undocumented) feature:
$smarty->assign($_REQUEST); assigns all elements of $_REQUEST.
the functionality of the $bad-array is missing here, though. |
|
Back to top |
|
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Mon Sep 01, 2003 7:48 am Post subject: |
|
|
@messju: earlier I wrote a reply that would have demonstrated the array assign feature except that I also implemented the array limiting using builtin PHP array functions to limit the request array.
I didn't post it because, unfortunately, when all was said and done it was slower than ClrTap's method--considerably. I suspect that the reason is three-fold:
i) not all PHP array functions are efficient ;
ii) the need for intermediate data structures;
iii) looping the array in PHP is one iteration while passing an array to assign causes a second iteration over the same data whereas ClrTap's method does the filtering and assigning in one iteration.
I do like that undocumented feature, but I like to try to minimize the number of times any single piece of data has to get touched or processed.
Now, in that spirit, considering that Smarty already passes things like _REQUEST to the template, perhaps it would be useful to allow optional limit arrays to be set which would gaurantee that only a subset of the _REQUEST gets mapped into template space. Sort of like a security mode for the super globals. It would be super-cool if it also included default values and validation.
Just a thought |
|
Back to top |
|
messju Administrator
Joined: 16 Apr 2003 Posts: 3336 Location: Oldenburg, Germany
|
Posted: Mon Sep 01, 2003 7:05 pm Post subject: |
|
|
@boots: i think the timing of bulk assign depends heavily on the size of $good and $bad.
just for the luxury of boredom and the beauty of hilighted php-code:
(doesn't use assiging an array, not that slow )
[php:1:86763218ba]
function bulk_assign(&$smarty, $vars, $blacklist=array()) {
foreach (array_diff(array_keys($vars), $blacklist) as $name)
$smarty->assign($name, $vars[$name]);
}
[/php:1:86763218ba]
(does use assiging an array, adds creating an array, saves method-calls, slightly faster )
[php:1:86763218ba]
function bulk_assign2(&$smarty, $vars, $blacklist=array()) {
$_assign = array();
foreach (array_diff(array_keys($vars), $blacklist) as $name)
$_assign[$name] = $vars[$name];
$smarty->assign($_assign);
}
[/php:1:86763218ba]
i used count($vars)==10 and count($blacklist)==2 . other values may give different speed-relations.
have fun
messju |
|
Back to top |
|
CirTap Smarty Pro
Joined: 04 Jun 2003 Posts: 106
|
Posted: Mon Sep 01, 2003 7:53 pm Post subject: |
|
|
@messju
I once learned to avoid any function calls inside loops, such as
for($=0; $i < count($array), $i++)
In your example [php:1:2cee14eeec] foreach (array_diff(array_keys($vars), $blacklist) as $name) [/php:1:2cee14eeec]
PHP has to reduce the array on each itteration, right?
It's compact, but wouldn't it be "better/faster" doing[php:1:2cee14eeec] $reduced = array_diff(array_keys($vars), $blacklist);
foreach ($reduced as $name) [/php:1:2cee14eeec]
This would "waste" another array but it will be "static" and not constantly be rebuild.
Plz. correct me if I'm wrong. I may have missed something about array handling or foreach here
Just curious.
Have fun,
CirTap |
|
Back to top |
|
messju Administrator
Joined: 16 Apr 2003 Posts: 3336 Location: Oldenburg, Germany
|
Posted: Mon Sep 01, 2003 9:06 pm Post subject: |
|
|
@CirTap: foreach is a very special case of loop.
"foreach ($foo as $i)" actually works on a copy of $foo. you can even modify $foo inside the loop (unset/reassign/append values and the like) and stay sure that you iterate over the original values of $foo.
so the array in my example is only built once. the array_keys() does not belong to the loop-condition, it belongs to the loop's initialisation. |
|
Back to top |
|
CirTap Smarty Pro
Joined: 04 Jun 2003 Posts: 106
|
Posted: Mon Sep 01, 2003 9:45 pm Post subject: |
|
|
aaahhh.. cewl.
I once had this
...
$keys = array_keys($CATS);
foreach ($keys as $c) {
if (!in_array($c, $g_cats)) {
unset($CATS[$c]); unset($PAGES[$c]);
}
}
...
but I'll adopt your
foreach (array_diff(array_keys($vars), $blacklist) as $name)
for this. It's much better!
Thanx a bunch!
CirTap
PS && off topic: where do I post request regarding the forum here?
EDIT: You're my hero of the day!!
The former contruct spread roughly 15 lines using two foreach() for $PAGES and $CATS, a $found boolean.. really ugly looking and I never liked it. Now its this, with the same result. <g>
Code: | foreach( array_diff(array_keys($CATS), $g_cats ) as $c ) {
unset($CATS[$c]);
unset($PAGES[$c]);
} |
|
|
Back to top |
|
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Tue Sep 02, 2003 5:01 am Post subject: |
|
|
@messju: that's nearly the exact same function I came up with, but mine did test slower I'll take your word for it on your tests, though.
I have to say, the copy semantics of PHP4 drive me a little bit nuts. Of course, for the less timid, there are some neat tricks using references to get around things like the foreach copy that messju mentions. It does make your code a little less clear though. Still, it is an irritating side-effect of the copy semantics though I understand that changes in PHP5 mitigates those effects. |
|
Back to top |
|
CirTap Smarty Pro
Joined: 04 Jun 2003 Posts: 106
|
Posted: Wed Sep 03, 2003 11:38 pm Post subject: |
|
|
boots wrote: | I have to say, the copy semantics of PHP4 drive me a little bit nuts. |
Oh, boy... I sign that!
I wished there was as least sth. like foreach($arr as $key => &$data) ...
I got insane when I once game up with the glory idea to do some recursions with an objects array that had other object references inside, wanted to create sth. similar to the form.elements[] collection in JS that has a *reference* to every descendant <input> no matter if its direct parent is the form or a nested table. The recursion was perfect, found everything, the collection grew: but the "global" array left empty once the recursion was over... %-/
I finally used some keys and the global varname, but until now I wasn't aware it's the array *itself* that becomes a copy, although the manual tells you in a notice... but not as informative as messju
Have fun,
CirTap |
|
Back to top |
|
messju Administrator
Joined: 16 Apr 2003 Posts: 3336 Location: Oldenburg, Germany
|
Posted: Fri Sep 05, 2003 7:49 am Post subject: |
|
|
CirTap wrote: | boots wrote: | I have to say, the copy semantics of PHP4 drive me a little bit nuts. |
Oh, boy... I sign that! |
oh, me too. this is only topped by the reference-semantincs IMHO:
my two favorites:
Code: | global $foo;
$foo = &$bar; /* breaks reference to the global $foo.
from now on only the local one is changed when $foo gets values assigned to */ |
and
Code: | $a = array(1,2,3,4);
foreach($a as $key=>$value) $value =& $a[$key];
/* $a is now array(2,3,4,4) */ |
|
|
Back to top |
|
andre Smarty Pro
Joined: 23 Apr 2003 Posts: 164 Location: Karlsruhe, Germany
|
Posted: Fri Sep 05, 2003 8:29 am Post subject: |
|
|
|
|
Back to top |
|
CirTap Smarty Pro
Joined: 04 Jun 2003 Posts: 106
|
Posted: Sun Sep 07, 2003 2:29 am Post subject: |
|
|
ROFL!
Hallo, Nachbar
CirTap |
|
Back to top |
|
JonBoy Smarty Rookie
Joined: 09 Oct 2003 Posts: 6 Location: Madison, Wisconsin, USA
|
Posted: Thu Oct 09, 2003 7:00 pm Post subject: Just my security $.02... |
|
|
I don't like applications which simply pick off GET or POST information and parrot it back into a web page. Cross-site scripting exploits are the children of such designs.
Even in a parroting situation, I would do some mimimal scrubbing of the data, like wiping all the HTML tags, "de-hexifying" strings like "%20" and making sure whatever characters are left are in the ASCII range of 20 to 126. |
|
Back to top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|