On 17-11-2009 at 18:37:30 Iván Montes <drsl...@pollinimini.net> wrote:

<option tal:attributes="selected <?php $ctx->item->index == $ctx->selected ?>">foo</option>

This would work nicely with syntax highlighting and other editor/IDE features, is common enough for PHP developers and allows for arbitrary complex expressions.

That doesn't look any more elegant than "selected php:item.index == selected", and isn't any simpler to novice users, because you have to know $ctx-> hack.

The Tales parser just detects that the start of the expression is the "<?php" (or even "<?") and then fetches all the contents until "?>" is found (PHP's tokenizer could even be used to avoid false positives). The whole PHP chunk is then outputted in the generated file where the $ctx->path() call would go for normal tales expressions.

This would probably mean that the source template will need to be preprocessed, since as far as I know, processing instructions are not allowed inside attribute values.

PHPTAL already does that.

By the way, if you decide to go for extending Tales, I think it'll be very dangerous to allow function calling from them. Even if you try to add some white-listing security feature, it could always be prone to abuse and a possible attack vector.

It's already possible in TALES using php: syntax.

regards, Kornel

PHPTAL mailing list

Reply via email to