escape
is used to encode or escape a variable to html
,
url
, single quotes
,
hex
, hexentity
,
javascript
and mail
.
By default its html
.
Parameter Position | Type | Required | Possible Values | Default | Description |
---|---|---|---|---|---|
1 | string | No |
html , htmlall ,
url ,
urlpathinfo , quotes ,
hex , hexentity ,
javascript , mail
|
html |
This is the escape format to use. |
2 | string | No |
ISO-8859-1 , UTF-8 ,
and any character set supported by
htmlentities()
|
UTF-8 |
The character set encoding passed to htmlentities() et. al. |
3 | boolean | No | FALSE |
TRUE |
Double encode entites from & to & (applys to html and htmlall only) |
Example 5.10. escape
<?php $smarty->assign('articleTitle', "'Stiff Opposition Expected to Casketless Funeral Plan'" ); $smarty->assign('EmailAddress','smarty@example.com'); ?>
These are example escape
template lines followed by the output
{$articleTitle} 'Stiff Opposition Expected to Casketless Funeral Plan' {$articleTitle|escape} 'Stiff Opposition Expected to Casketless Funeral Plan' {$articleTitle|escape:'html'} {* escapes & " ' < > *} 'Stiff Opposition Expected to Casketless Funeral Plan' {$articleTitle|escape:'htmlall'} {* escapes ALL html entities *} 'Stiff Opposition Expected to Casketless Funeral Plan' <a href="?title={$articleTitle|escape:'url'}">click here</a> <a href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a> {$articleTitle|escape:'quotes'} \'Stiff Opposition Expected to Casketless Funeral Plan\' <a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a> {$EmailAddress|escape:'mail'} {* this converts to email to text *} <a href="mailto:%62%6f%..snip..%65%74">bob..snip..et</a> {'mail@example.com'|escape:'mail'} smarty [AT] example [DOT] com
Example 5.11. Other examples
{* the "rewind" parameter registers the current location *} <a href="$my_path?page=foo&rewind=$my_uri|urlencode}">click here</a>
This snippet is useful for emails, but see also
{mailto}
{* email address mangled *} <a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a>
See also
escaping smarty parsing,
{mailto}
and the
obfuscating email addresses page.