An ERB Safemode handler for ActionView
posted: April 22nd, 2008 · by: Sven
Just some quick notes about the safemode library I’ve been working on with the help of Peter Cooper recently. Rather than starting out with a Haml specific library Peter suggested turning this into a more widely usable tool and hacked his way to make it eat plain Ruby code as well as ERB.
Since I’ve cleaned up things a bit and started working on a Rails ActionView ERB handler so one could transparently use this library when rendering ERB templates with ActionView. Yesterday I’ve managed to render a blog index page (which I used as a sample app) through this handler for the first time.
Read the rest of this entrySending Ruby to the jail: an attemp on a Haml Safemode
posted: February 17th, 2008 · by: Sven
For my intial speculations about the feasibility of a Haml safemode as an alternative for Liquid I got a bold 'No!'.sub(/o/){|c| c * 46} by Ryan Davis. Ouch! Also, Peter Cooper initially commented rather sceptically …
You guys were right that my first thoughts didn’t go far enough with just looking for certain syntax node types. But hey! There’s still hope. :)
In the meantime I’ve implemented an experimental attemp on a safemode plugin for Haml which takes a bit different approach and certainly does more to get its job done better.
Read the rest of this entrySexy Theme Templating with Haml Safemode! Finally ...
posted: February 5th, 2008 · by: Sven
Ok, this is really a looong lasting itch of mine I wanted to scratch ever since I’ve learned Liquid templates for Mephisto.
Liquid still is (as far as I know) the only usable “safe” Ruby templating engine that one could use for themes/templates in an application like Mephisto. In this context “safe” means that you can allow your users to download and install themes from arbitrary sources.
Liquid is safe …
So, with Liquid you can still sleep at night without any worries that some bastard might have included a bit of code into a theme that sends your password files to the russian mafia, runs rm -rf / or whatever nightmare you like worse.
Liquid does a very solid job here and as such it earns respect. But … let’s face it: Liquid sucks, syntaxwise.
As a Ruby programmer you want a templating system that makes your templates easier to type and more intuitive to grasp than ERB, not worse! Maybe it’s really just me, but for me Liquid fails miserably in this regard.
Haml is sexy …
On the other side of the Ruby template engines universe lives Haml. A templating system that is that awesome that you can’t possibly toy around with it for more than 3 minutes without getting totally addicted to it. But Haml is an evaluating templating system like ERB and as such you can’t use it for themes from arbitrary sources.
So how cool would it be to combine the best of both? Obviously it’d totally rock. It would be as cool as Yahoo sunglasses in 1994 and as sexy as the Audi R8 in 2008 combined.
Read the rest of this entryWhy php5 DomDocuments need to be un/serialize()able
posted: March 2nd, 2005 · by: Sven
In our last post about “Template playing with php5’s Dom” we shared some thoughts about how to build a basic templating engine based on php5’s build-in dom extension. I have been playing around with that and have to say I found php5 dom’s lack of being un/serialize()able really annoying.
Why would anyone want to php un/serialize() a php Dom tree? A dom can be “serialized” to Xml, that’s human readable and non-proprietary! Creating a DomDocument and getting some Xml parsed is fast.
So, what the *%#~ is this about?
Ok, let’s take a minute to investigate that. Here’s an answer.
Read the rest of this entryTemplate playing with php5's Dom
posted: January 15th, 2005 · by: Sven
Standards, standards, standards … just had a look into Jeffrey Zeldman’s “Designing With Web Standards” (again). He’s nearly religious, but absolutely convincing and insightful about why we all should use web standards. You have to read it.
Ever thought about the role that standards play in the php world? To me it seems obvious that the php world definitely lacks a templating standard.
There are countless php template engines out there, each one introducing some own nifty template language, template tag syntax or something equivalent. What would php’s template world look like, if all this programmer’s manpower was concentrated by the presence of a standard (or at least: some strong recommendations)?
But wait. php5 comes along with a fine, build-in XML DOM extension. Isn’t that a standard? Indeed, it is.
Let’s have a look at how we could get started with a templating system bootstrap using that stuff.
Read the rest of this entry