Sluz v0.9.4 documentation

Available documentation:

080_escape.php

PHP: 
<?php

///////////////////////////////////////////////////////////////////////////////
// The escape modifier safely encodes output to prevent XSS.                 //
// Supported types: 'html' (default), 'url', and 'js'.                      //
///////////////////////////////////////////////////////////////////////////////

include("../sluz.class.php");
$s = new sluz();

$s->assign("name", "<script>alert('XSS')</script>");
$s->assign("url_path", "hello world");
$s->assign("js_val", "It's a \"test\"");

print $s->fetch("tpls/080_escape.stpl");
Template: 
<h1>Escape Modifier</h1>

<p>HTML escaped: {$name|escape}</p>

<p>URL escaped: {$url_path|escape:"url"}</p>

<p>JS escaped: {$js_val|escape:"js"}</p>
Output: