On 9 Aug 2009, at 23:01, Iván -DrSlump- Montes wrote:
Have a look at PHP's tokenizer function token_get_all. It will give
you a rock solid base for your filter since it uses the same parser
used in the PHP engine.
Actually it might not be that simple, because XML is parsed by PHPTAL
and
Thank you all for your input.
I want only to disable php blocks, to prevent echo-ing unescaped strings,
like this:
?php echo $_SERVER['HTTP_REFERER; ?
I'll go for a preFilter.
Thanks!
___
PHPTAL mailing list
PHPTAL@lists.motion-twin.com
Have a look at PHP's tokenizer function token_get_all. It will give you a
rock solid base for your filter since it uses the same parser used in the
PHP engine.
regards,
/imv
On Sun, Aug 9, 2009 at 8:40 PM, Ionut Matei johnu...@gmail.com wrote:
Thank you all for your input.
I want only to
On 06-08-2009 at 22:53:22 Ionut Matei johnu...@gmail.com wrote:
If a template contains php code, it gets into the compiled template and
will be executed...
I think a pre-filter can be created for stripping php code, but Is there
a feature or setting in PHPTAL for preventing executing php