Yeah, I read his email and thought the same thing.
I did a lot of echoing content from PHP, although I realized really
early on that switching in and out of PHP is a bad plan.
Echoing all of the HTML from within PHP is better, but you end up with
mind-bending slash-escaping when you try to do javascript from within PHP.
If anyone doesn't believe me, I'll dig out some old code from 1998. I
know I wrote some nutty thing that dynamically generated javascript that
created a slide-out menu. It's on a disk somewhere. :)
Anyway, it took me like three days to get all of that escaping right.
I'm now an escape-master as a result, but it's such an easy thing to
screw up, and such a hard/time-consuming thing to troubleshoot (think:
PARSE ERROR -- two lines after your script ends), that I knew there had
to be an easier way.
I was just starting to check out PEAR (I've been using CPAN for years,
so I was excited about the prospect), when I found
PEAR::HTML_TEMPLATE_IT -- which is a halfway-decent templating engine.
I hated a few thing about it -- that I couldn't put display logic in the
template itself, and that it made troubleshooting a PITA -- it really
obscured where problems happen.
I had heard a lot about Smarty, and finally broke down and checked it
out, and I've been a convert ever since.
The template is as easy as creating a separate HTML document with
simple tags:
<input type='hidden' name='email' value='{$email}'>
<input type='hidden' name='email' value='{$pass}'>
And your code ends up like:
$smarty->assign('email',$email);
$smarty->assing('pass',$pass);
The real power comes in when you want to pass it an array with 50
records...
$smarty->assing('users',$arrayUsers);
Template:
<table>
<th>
<td>First Name</td>
<td>Last Name</td>
<td>Email</td>
<td>Last SignIn</td>
</th>
{foreach name=users item=user data=users}
<tr>
<td>{$user.fname}</td>
<td>{$user.lname}</td>
<td>{$user.email}</td>
<td>{$user.lastsignin}</td>
</tr>
{/foreach}
</table>
You can also do stuff like:
<td>{if !$user.fname} {else}$user.fname{/if}</td>
or you can make custom functions (some are built in)
<td>{ucwords($user.fname)}</td>
or
<td>{stripslashes($user.email)}</td> <!-- you'd need to add a
custom method, but it's easy to write.
Anyway, it makes life so much easier when you can offload all the
display stuff to the template, and only worry about processing data and
error-handling in your PHP scripts. You just don't have problems like
this. You've eliminated the opportunity to screw it up -- and it's SO
easy to forget to escape a ' or ", that it's worth the two hours it'll
take to get up-to-speed on Smarty, and you'll thank yourself in six
months when you have to go back and add a feature or update the look.
This is probably a question for Duane, but if there's a lot of interest
on the board or at the meetings, I could be convinced to put together an
extensive tutorial/cookbook on App Development using Smarty,PEAR::DB,
and the MVC pattern -- to include good security practices,
type-checking, and error-handling/checking using
PEAR::RaiseError/isError methods... Well, right after I finish the
project I should be working on right now, anyway. :)
I'd love to do it, if for nothing else as a starting point for
discussing and developing a best-practices cookbook that we could all
use going forward.
-Jeromie
>...And the reason is because of all those spaces between when the PHP code
>execution ends (?>) and the "> that signifies the end of the value
>attribute. The instant the PHP code processing stops, raw html code
>continues to be sent to the browser. Thus, all those spaces, and even the
>carriage-return, are being included at the end of whatever value PHP sends
>and before the end-double-quotes.
>
>Your solution of putting each of those processes on its own separate line
>is a serviceable one, but maybe not so easy to scan with the eye. Another
>possibility would be the following....
>
><?php
>echo "<input type='hidden' name='email' value='$email'>\r\n";
>echo "<input type='hidden' name='pass' value='$pass'>\r\n";
>?>
>
>...and may I say I'm glad to see that the entire page of code isn't on one
>line, which is what I thought had ended up being the case!!! ;)
>
>
>Michael Roush
>[EMAIL PROTECTED]
>
>"The power of the Web is in its universality. Access by everyone regardless of
>disability is an essential aspect."
>-- Tim Berners-Lee, W3C Director and inventor of the World Wide Web
>
>
>
>__________________________________
>Do you Yahoo!?
>Yahoo! Small Business - Try our new resources site!
>http://smallbusiness.yahoo.com/resources/
>
>
>The PHP_mySQL group is dedicated to learn more about the PHP_mySQL web
>database possibilities through group learning.
>Yahoo! Groups Links
>
>
>
>
>
>
>
>
>
The PHP_mySQL group is dedicated to learn more about the PHP_mySQL web database
possibilities through group learning.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php_mysql/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
