I dont have knowledge in laravel Blade and I have this code :
<span v-bind:class="{ 'total': (listing.price_per_week), 'total total-center': (!listing.price_per_week)}">#{{ listing.price_view }}*</span>
I want to pass that price value to this function
<?php echo removeFrom( #{{ listing.price_view }} ); ?>
but it doesnt work this way
how can pass this
Thanks
Please check this out: Blade & JavaScript Frameworks
Since many JavaScript frameworks also use "curly" braces to indicate a
given expression should be displayed in the browser, you may use the #
symbol to inform the Blade rendering engine an expression should
remain untouched. For example:
<h1>Laravel</h1>
Hello, #{{ name }}.
In this example, the # symbol will be removed by Blade; however, {{
name }} expression will remain untouched by the Blade engine, allowing
it to instead be rendered by your JavaScript framework.
Related
I have the issue in which when I am writing the components in Laravel Mailable, according to their 6.x documentation (since my Laravel version is 6.0). But despite that, in the actual email some components render properly, some are just plain HTML. By plain HTML I mean the text literally says <a>...</a>, but doesn't render the actual element.
Why would that be? Maybe there is a bug, or I am missing something? I have written the most regular email with the components provided by Laravel's docs. There is no linter errors. The view is written in blade btw.
#section('content')
#foreach ($paragraphs as $item)
<p> {{ $item }} </p>
#endforeach
#component('mail::button', [ 'url' => $link ])
{{ $buttonText }}
#endcomponent
#endsection
I resolved the issue. The issue disappeared when I removed any possible indentation in the file.
When every single line started at column 0, the components rendered properly.
Documentation (at least 6.x) doesn't say anything about that, so I assume this is a bug with blade/php mailing compilation or something.
I have a web app I'm porting from Slim v3 to Fat Free Framework. The logic part has been straight-forward. My problem has been converting some Twig view templates to F3 templates; specifically I'm having difficulty building concatenated strings to populate Materialize class fields.
For instance, suppose my Contact Form validation passes back a message_err that states, "The name field must be at least 3 characters."
The Slim app, utilizing Twig's template engine, would check to see if data.name_err was empty, if not it would create a new messageName by concatenating 'data-err="' with data.name_err and this would then be used to display an error state in a Materialize form. Here's a code snippet:
<div class="input-field">
<label for="name">Name:</label>
{% if data.name_err %}
{% set messageName = 'data-error="'~data.name_err~'"' %}
{% endif %}
some more code here...
</div>
I've tried to do something similar using F3's built in template engine, but it throws errors with everything I've tried. Here were a few attempts:
<set msg="data-error=" {{ #data.name_err }} "></set>
and:
<set msg="{{ data-error=" #data.name_err "}}"></set>
As there seems to be no way to escape characters in strings, that's why I was trying to use ASCII codes for the quotes. I tried it with the equals sign too, but got errors nonetheless.
If anybody has any thoughts I'd be most appreciative. Otherwise I'll have to dig into changing some core logic.
please try
<set msg="{{ 'data-error="'.#data.name_err.'"'}}"></set>
In F3, you can use {~ <code> ~} to execute php expressions without echoing the result.
{~ #msg = "data-error=\"#data.name_err\"" ~}
Code
We have the following Twig HTML template:
<div id="error">{{ flash.error | raw }}</div>
and we flash messages in multiple places, e.g.:
$app->flash('error', "Some error with this $user_supplied string.");
$app->flash('error', "Hello, <b>World</b>!");
Question
This is obviously a security concern, $user_supplied could include javascript. I would like to replace {{ flash.error | raw }} with {{ flash.error }}, while still allowing HTML in some cases.
What I would like to have:
<div id="error">{{ flash.error }}</div>
----
$app->flash('error', "Some error with this $user_supplied string.");
$app->flash('error', HTML("Hello, <b>World</b>!"));
That way all developers realize the dangers. I can probably hack this together, but is there maybe already a built-in way or a better alternative?
Hm, Perhaps you can check the contents of the variable in the PHP code before you pass it to the template. Then use some of PHP's built in string parsing functions to check the variable for the existence of certain tags.
If (for example) script tags are found, you could set the variable to null or false and then handle that value in your template.
Another way I can think of is to use the striptags filter. You define your allowed tags and what isn't defined will be removed. This way you can output what you want and only keep your allowed tags.
https://twig.symfony.com/doc/2.x/filters/striptags.html
{% set some_var = '<b><script>console.log(123)</script></b>' %}
<div id="error">{{ some_var|striptags('<b><strong>')|raw }}</div>
You can use escape twig variable for specific needs.
{{ flash.error|escape('js') }}
The escape filter supports the following escaping strategies:
html, js, css, url, html_attr
You can do this in your twig configuration, without knowing much about your project I am going to assume you are using Twig View. At the point of configuring Twig View for your Slim project you can do the following:
$view = new \Slim\Views\Twig('path/to/templates', [
'cache' => 'path/to/cache',
'autoescape' => 'js'
]);
That should have it configured globally for JS only escaping. I have not tested this so I am not sure if it works.
I'm using PHP Laravel framework and I came to some code examples where {{ }} is use inside a html code, like this:
<link rel="stylesheet" href=" {{ URL::to('css/app.css') }} ">
My conclusion is that the {{ }} are used to write no-HTML code inside the HTML, is that correct?
And for what is the { } used?
Thanks for your answer.
There is no { } in Blade, {{ }} displays escaped data and {!! !!} displays unescaped data.
By default, Blade {{ }} statements are automatically sent through
PHP's htmlentities function to prevent XSS attacks. If you do not want
your data to be escaped, you may use the following syntax:
Hello, {!! $name !!}.
https://laravel.com/docs/5.3/blade#displaying-data
That is not php but rather syntax for the blade template system that laravel comes bundeled with.
In short, {{$aPhpVariable}} is basically compiled to <?= htmlentities($aPhpVariable) ?> (or even <?php echo htmlentities($aPhpVariable); ?>), but from what I know, there is no single bracket ({}) syntax.
You can also use normal php code inside blade templates or just treat it as a normal html page, but it does have a bunch of things that makes building the views a lot easier.
Go check out the docs for more info about blade!
To escape data use
{{ $data }}
If you don't want the data to be escaped use :
{!! $data !!}
{} is part of the syntax of PHP code. It's used in functions, blocks of code and objects.
{{ }} it part of Laravel's Blade template syntax, echoing something in a Laravel project.
A couple of days ago, I decided to start using laravel for the next project, but I'm confused as I don't find the documentation very compelling and I'm still a laravel beginner .
So, I didn't find a solution for how to create a layout using PHP (and not built in blade templating engine).
How can I do that? What's the best way to organize layouts in a big project?
Thank you
There are many methodologies that deal with handling templates.
Here are few,
1. Using a regular include or require
You can include the header.php , sidebar.php and footer.php and as many files that you prefer for each sector(It depends on the size of the template)
2. Using a common file and having classes inside it
Include a single file and call the classes to render each area
like
class Head {
public function render($_page, $_data) {
extract($_data);
include($_page);
}
}
3. Use a Templating Engine
You shall prefer few templating engine like smart, raintpl etc., (I guess you don't prefer it ;) )
4. Acquiring by inc
You can include as suggested here
<html>
<head>
<title><?=$this->title</title>
</head>
<body>Hey <?=$this->name?></body>
</html>
And the php area would be
$view = new Template();
$view->title="Hello World app";
$view->properties['name'] = "Jude";
echo $view->render('hello.inc');
5. By having template segments in db
Believe me, I saw many good sites which stores the template in the database and it will be rendered each time. It might look like strange idea, but even i tried it for one of my project.
Conclusion :
But if i use Laravel, for sure i will prefer the Blading Tempalte Engine and I recommend you the same.
Update :
Few benefits of Using Blade Templates
1. Easy Setting of attributes
Set the attributes on the go
<title>App Name - #yield('title')</title>
2. Easy yielding
<body>
#section('sidebar')
This is the master sidebar.
#show
<div class="container">
#yield('content')
</div>
</body>
3. Simple echoing
Like this
Hello, {{ $name }}
4. Easy Condition
Like this
{{ isset($name) ? $name : 'Default' }}
5. Never Escape
Like this
Hello, {!! $name !!}.
6. Beautiful If Statements
I prefer this way to make my code more beautiful
#if (count($records) === 1)
I have one record!
#elseif (count($records) > 1)
I have multiple records!
#else
I don't have any records!
#endif
7. Checking Authentication
The simplest way to check the authentication
#unless (Auth::check())
You are not signed in.
#endunless
8. Easy For Loop
How this for loop looks like
#for ($i = 0; $i < 10; $i++)
The current value is {{ $i }}
#endfor
9. Awesome foreach statement
Splitting the key and value can't be more easy than this
#foreach ($users as $user)
<p>This is user {{ $user->id }}</p>
#endforeach
10. Include the files
How about include file like this
#include('view.name')
11. Passing parameters to views
Can Pass this array to your view
#include('view.name', ['some' => 'data'])
Source : Laravel Templates