Xepher.Net Forums

Community => Knowhow Trading Post => Topic started by: Databits on August 13, 2008, 02:40:02 am

Title: Easy PHP Templating Engine
Post by: Databits on August 13, 2008, 02:40:02 am
Now I know a lot of people who work in PHP have heard about Smarty, but I tell ya I've never seen something so horribly over-complex as it.

Tell me the use of a templating language that can't even do string concatenation in a somewhat simple and sane manner? How about that it complies template to raw php code which can quickly become a nasty security hole on shared hosts? That's not to mention that it's flat out a pain in the ass in many situations and isn't exactly web designer friendly. The worst part is you have to MANUALLY escape things during output, which from a security standpoint is *retarded*. Things should be escaped by default and you should need to tell it not to.

Well now there's a templating system that exists that is sane, is just as fast as smarty, more secure, escapes things intelligently, and is web designer friendly.

I can also vouch for it's speed and ease of use as we've now used it on a few rather decent sized contract projects.

http://php-sugar.net/ (http://php-sugar.net/)

I'm hoping this can come in handy for some people who are a little more code-oriented here.
Title: Re: Easy PHP Templating Engine
Post by: Xepher on August 13, 2008, 07:36:10 am
Yeah, you've mentioned that project several times to me, and it looks like they've come pretty far since you first noted it. I'm looking at the site, and it seems pretty useful and, above all, SIMPLE, compared to Smarty. (That's a good thing.) The one thing they could use though is just a "for dummies" sort of tutorial to talk you though a basic example or two. The documentation, while nice, doesn't really show how to start or really what it does. Still though, I'll probably try this on my next project instead of Smarty.
Title: Re: Easy PHP Templating Engine
Post by: Databits on August 13, 2008, 02:22:23 pm
Well the person who writes this is a real life friend of mine, so I can mention that to him. Hell I think the documentation was just written like 2 weeks ago. :P

Simple was the whole point of him writing this. Because Smarty *is* a total pain in the ass. It gets all this attention though, because... well... there really wasn't anything else that was actually worth a damn out there. There's plenty in Smarty that pisses me off, one of the most notable ones that I had mentioned is string concatenation, which you would think to be a native and easy part of a "templating engine". Then there's the escaping (it's the same concept as forgetting to quote SQL, you know what I mean Xeph), and the way math works, and how page and function caching works, and I know there's more but I can't remember them off the top of my head.

Now just a heads up, there are a few things that he's going to be changing pre-1.0 (release). I think he's still trying to determine on how to handle function params (names, non-named, ordered, etc...). Because as I've stated, we have in fact used this in several small and large projects and do on occasion run into a quirk or two that needs to be addressed. This is why it's not to release 1.0 yet. ;)