29 September 2004 - 23:51PHPTAL And Outputting Variables With HTML

On thing that I had no idea about when designing my first site using PHPTAL was it’s curious feature where it automatically escapes all HTML output. I can see how this would be quite helpful, since there could be situations where harmful code could be injected into one of the variables and bad things would occur. Not only that it forces the content to adhere to the XHTML standards on it’s own. This did not work for me. I had a TON of data in HTML out of a database that needed to get dumped into a table, and I couldn’t change the format. It was NOT in the documentation on the Sourceforge site, or in the SGML documentation distributed with the software. Well, it took a ton of searching, but I’ve found it. The structure keyword. Read on for usage.

Solution

Here is a good example of what I’m referring too.

• HTML source file.
• PHP source file.
• HTML source page without the PHPTAL replaces.
• Result page with PHPTAL replaces made.

As you can see, in the second replace, the HTML was sent as-is without modification. This was done with the structure keyword. It’s used as follows:

<!-- Replaces "Test Content" with the value of test
     escaping HTML characters. This includes © to &copy;
     and < to &lt; -->
<p tal:content="test">Test Content</p>

<!-- Replaces "Test Content" with the value of test
     while not escaping anything. -->
<p tal:content="structure test">Test Content</p>

Summary

This solution was very difficult to come across. I couldn’t even find the solution while digging through the code, SGML documentation, or an Internet search. The only place I found an example is in PHPTAL test 02. If you’re curious, check out tests/tests.php and look at test #2. Hopefully small things such as this will be included in the documentation in the future. At least it was tested.