| px | top | add code | search | signup | login | help |
<?php
// HTML Template v0.10
//
// Changes from HTML Templates v0.9
//
// AddSlashes replaced by ereg_replace("\"","\\\"...
// to prevent single quotes from getting escaped too (javascript errors)
//
// Added EvalTemplate which returns the filled in template, this way
// it's now possible to create any kind of template e.g. mail
//
// What is HTML Templates v0.10
//
// A function that fills in php variables in a template file to make
// the design of your website independent of the php code.. I hope.
// Call: "$template=EvalTemplate($templatefile, $vars);"
// WARNING: no warranty whatsoever, use at your own risk, there will be bugs
// and/or security risks in this code.
//
// $templatefile is a full filename of the html file to use as a template.
//
// $vars is a list of all the variables used in the templatefile. It is
// needed since all global variables need to be declared in the function.
// The format is "\$varname" [ ", \$varname" ]* e.g.: "\$var1, \$var2"
//
// The template file can contain any html-code. Variables can be included
// anywhere like this: '<body bgcolor="$bgcolor1">'
// If you want to display some html code multiple times for array variables
// use something like the following format:
// <select name="test"> {
// <option value="$test[]">$test[]</option>
// } </select>
//
// Mistyping this like {{ $test[] } will cause strange errors as php tries
// to interpret $test[]. It will complain that is needs a STRING or an INT or
// something as it wants an index key between [ and ] :)
//
// Security.
// I don't check for /dev/zero, or other large template files, if you can
// choose the template file, you obviously can already create malicious php
// files.
// The template files should be safe, although every line is incuded in an
// 'eval' statement. I replace every '"' with a '\"', so you shouldn't be
// able to 'escape' from the echo statement in a template file.
//
// Used variables.
// Since the function 'globals' any variables you defined in your template
// it is easy to get a variabele name clash. Here's the list of allt he
// variables I used in this function:
// $templatefile, $line, $vars: function declarations
// $dt_result
// $dt_middle
// $dt_explode
// $dt_multiple
// $dt_expl2
// $dt_uservar
// $dt_uservar_count
// $dt_i
// $dt_temp
// $dt_tail
// $dt_template
//
// copyright 1998 Auke van Slooten
// released under the GNU Genereal Public License
function EvalLine($line, $vars) {
eval("global $vars;");
if (ereg("[^{]{[^{}][^}]*}",$line, $dt_result)) { // found a multiple
$dt_middle=substr($dt_result[0],1,strlen($dt_result[0])-1); // cut the "[^{]" character
$dt_explode=explode($dt_middle, $line); // explode on the multiple part
$dt_evalhead=EvalLine($dt_explode[0], $vars); // no more multiples here
$dt_multiple=substr($dt_middle,1,strlen($dt_middle)-2); // cut "{" and "}"
$dt_expl2=explode("[]",$dt_multiple);
$dt_uservar=strrchr($dt_expl2[0], "\$"); // get the first array variable name
eval("\$dt_uservar_count=@count($dt_uservar);"); // count the length of the array
// @ suppresses warnings when the array is not defined
$dt_multiple=ereg_replace("\\\$([^\[]*)\[\]","\$\\1[\$dt_i]",$dt_multiple); // this line replaces things like $var[] with $var[$dt_i].
for ($dt_i=0;$dt_i<$dt_uservar_count;$dt_i++) {
eval("\$dt_evalmultiple.=\"$dt_multiple\";"); // let eval fill in the values
}
$dt_explode[0]=""; // first part is done, remove it
$dt_temp=implode($dt_explode, $dt_middle); // and glue the parts together again
$dt_tail=substr($dt_temp, strlen($dt_middle), strlen($dt_temp)); // cut the first "middle" part of, its in dt_evalmultiple now
return $dt_evalhead.$dt_evalmultiple.EvalLine($dt_tail, $vars); // could also go for EvalLine($dt_explode[1], $vars) but there might be more elements...
} else {
eval("return \"".ereg_replace("{{","{",$line)."\";"); // no multiples, just replace double {{ with a single { and let eval fill in the values for variables
}
}
Function EvalTemplate($templatefile, $vars) {
$dt_template=ereg_replace("\"","\\\"",implode(file($templatefile), ""));
return EvalLine($dt_template, $vars);
}
Function DisplayTemplate($templatefile, $vars) {
echo EvalTemplate($templatefile, $vars);
}
?>
Comments or questions?
PX is running PHP 5.2.11
Thanks to Miranda Productions for hosting and bandwidth.
Use of any code from PX is at your own risk.