While I see your point that it is quite some work to build a complete AST for PHP, I'd like to propose one more thing in addition to what you already mentioned:
- keep the old short function syntax we know from 1.x for all helpers - introduce a compilation step which replaces function calls with method calls (e.g. escape($var, 'html') -> $view['escaper']- >escape($var, 'html')) - variable functions are not rewritten (e.g. sth like $a = 'escape'; $a($var, 'html'); will not be rewritten) - a function is only rewritten when a helper registers the function name, otherwise it will stay as is This way, we wouldn't have to write an entire parser for PHP right now, but we would still leave room for optimizing the PHP code, and maybe when someone has time. add a full featured AST parser. Regards, Johannes On Nov 21, 4:01 pm, Fabien Potencier <[email protected]> wrote: > Thanks all for the feedback. > > Here is what I propose to do: > > * remove the Output Escaper component to a standalone repo on > Github (so that if someone want to take over the maintenance, that's > possible) > * remove all usage of the Output Escaper component in > FrameworkBundle > * add functions/methods to ease manual escaping > * update documentation to compare Twig/PHP features and emphasize > the pros and cons of each solution > > Before I start, I need to know what kind of functions/methods we add > to ease manual escaping. > > Do we add a helper? > > $view['escaper']->escape($var, 'html') > > That's the more "natural" thing to do but as you can see, this is > really verbose. > > Do we add functions? If so, what's the difference with the standard > htmlentities/htmlspecialchars PHP functions? > > Fabien -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
