Home/ Questions/Q 6093247
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T12:32:17+00:00

Can you recommend any good solution for automatic view variable escaping for Zend Framework

  • 0

Can you recommend any good solution for automatic view variable escaping for Zend Framework 1.x?

I have tried so far:

  • ZF2 implementation; looks like it does not escape variables syntax like this: $this->var->object()->string
  • gnix-view, very nice, but has a nasty recursion bug
  • custom solutions based on view streams, similar to Rob Allen’s escaper, but parsing syntax with regex always fails
  • Twig (no good support for view helpers and layout)
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    if i would think to make an automatic escaper i would create a ZF plugin that run in postDispatch :

    postDispatch() is called after an action is dispatched by the dispatcher. This callback allows for proxy or filter behavior. By altering the request and resetting its dispatched flag (via Zend_Controller_Request_Abstract::setDispatched(false)), a new action may be specified for dispatching. source

    mybe some use of htmlprifier would be a smart job 🙂 

    class Automatic_Escaper extends Zend_Controller_Plugin_Abstract{
   public function postDispatch(Zend_Controller_Request_Abstract $request)
    {
        $response = $this->getResponse();
        $htmlpurifier = Zend_Registry::get('purifier');
        $safe = $htmlpurifier->purify($response);
        return $this->setResponse($safe);
    }
}

    I hope I explained my idea regardless of the status the sample above .

    • 0