Thanks for the advice. I'd prefer to go with method #1 because that is how
I was previously rendering templates with Zend_View. The echo issue still
remains, however. If I use ${dojo().onLoadCaptureEnd()} then I get random
"1" outputs everywhere because onLoadCaptureEnd() returns true. This is
rather unfortunate because dojo information is rendered all over the place
in Zend. For example,

Standard template which should form the skeleton of the view.

Uses Zend_Dojo_Form to output a Dojotized form.

Uses dijit.Menu to create a nifty menu.

If I have default.tpl.html which contains content from add.tpl.thml and
menu.tpl.html then I run into a serious issue. Everytime I call
${dojo().onLoadCaptureStart()} or
${dojo().requireModule('some.Dijit.Here')} then Zend will call the
__toString() method of the dojo() view helper because PHPTAL prepends
everything with an echo. This ends up giving me the complete dojo() output
multiple times throughout my template. By the time the template is done
rendering I may have included dojo.xd.js from the AOL CDN five or more

So, while the escape issue is troubling it's not as serious as the problem
I've outlined above. I've spent most of the morning trying to come up with
a solution and have failed miserably.

regards, Kyle

-------- Original Message --------
Subject: Re: [PHPTAL] How to disabe ${php: XXXX} forced echo?
Date: Tue, 12 Jan 2010 14:49:17 -0000
From: Kornel Lesiński <>
To: "Template Attribute Language for PHP" <>
Reply-To: Template Attribute Language for PHP

On 12-01-2010 at 13:25:45 <> wrote:

>>> Does Dojo expect to get HTML/XML markup as input, or unescaped script?
>> If the latter, you might get nasty surprise when you use '&' or '<'.
> I see what you mean here. I think I'll try to come up with some way to
> alter the scripts. Perhaps using macros to insert the the script code  
> where necessary? I haven't looked at them much but they sound promising.

Macros just call PHPTAL code, so you'll get more of the same escaping :)

I've checked source code of this dojo view, and it's quite ignorant about 

escaping, as I expected. It doesn't try to escape the content, just hopes 

to receive something compatible with whatever can be put in <script> (in  
HTML) or CDATA (if xhtml mode is enabled).

With these assumptions if you used </ or ]]> in your source code, it could

break the page. If you used XML without CDATA to capture, the script could

fail, etc. (regardless whether you use PHPTAL or not).

I think your options are:

  1. Use capturing, but stay away from characters that have different  
meaning in XML/HTML/CDATA/plaintext: < > &

  2. Use $dojo->addOnLoad() in PHP code. Give it code escaped
for template markup you generate (best bet is to use HTML5 output mode and

only escape </ as <\/)

  3. Try <script tal:omit-tag="">/*<![CDATA[*/ instead of <tal:block>.  
Script element in PHPTAL triggers special-case workaround for text/html,  
which is closer to what Dojo expects.

regards, Kornel

PHPTAL mailing list

PHPTAL mailing list

Reply via email to