On 1/23/08 1:54 PM, "John Campbell" <[EMAIL PROTECTED]> wrote:
> If there is a separation between the programmer and the template
> editor, it presents another problem. Who is responsible for escaping
> the data?
> I tend to end up with a mix, and it can get quite confusing.
Ditto -- and it is infuriating and time consuming to unravel later. I've
adopted the practice of adding a comment in the template to any variable
that is escaped in the code {*escaped in code*}. Saves a lot of time, 2nd
guessing, and code review later on.
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
