On Jan 23, 2008 12:22 PM, Jake McGraw <[EMAIL PROTECTED]> wrote:
> Another benefit is you (the programmer) have complete control over
> what variables get passed from the script to the public facing
> template.
If there is a separation between the programmer and the template
editor, it presents another problem. Who is responsible for escaping
the data?
Do you do:
{$user.first_name|escape} {$user.last_name|escape}
or
$tpl->assign('user',array_map("htmlspecialchars",$user);
I tend to end up with a mix, and it can get quite confusing. What is
the preferred practice?
Regards,
John Campbell
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
