Usage
{exp:escape get="index" regex="/^\d+$/i"} => 1
{exp:escape:sql segment="2"} => "World"
{exp:escape:html get="hello" post="hello" server="PHP_SELF" order="SPG"} => "/index.php"
{exp:escape:html get="hello" flags="ENT_QUOTES|ENT_HTML5"} => "&quot;World&quot;"
Options
As you can see from the Usage summary above, there are three ways to call this plugin: {exp:escape}, {exp:escape:sql}, and {exp:escape:html}. The first can be used to return unmodified results, but we strongly encourage you to use it only in conjunction with the regex= parameter.
The SQL and HTML tags provide specialized encoding.
{exp:escape}
segment=
This parameter allows you to specify a URL segment to pull.
get=
Specify a GET variable to pull.
post=
Specify a POST variable to pull.
cookie=
Specify a COOKIE name to pull.
env=
Specify a system environment variable to pull (PHP's $_ENV).
server=
Specify a server configuration variable (PHP's $_SERVER).
request=
Simultaneously specify get=, post= and cookie=.
order=
A string that defines the order in which to check GET (G), POST (P), COOKIE (C), SERVER (S), ENV (E), and URL segments (T). Defaults to PHP's variables_order (with the addition of T).
regex=
If this parameter is specified, the tag will return 0 or 1 (false or true, respectively) instead of the segment or variable data. Use this to validate user input within EE's {if} blocks.
In the case where no values are read, the plugin will attempt to match a default= value.
{exp:escape:sql}
This tag uses the same function EE does to escape SQL data. It can use any of the parameters named above (although we do not typically recommend regex=).
{exp:escape:html}
Escapes data so that it does not break your layout. This tag accepts one additional parameter beyond the ones named above.
flags=
This can be any/all of the values allowed in the second parameter of PHP's htmlspecialchars function. If you specify a flag that your version of PHP does not support, it will be silently ignored.
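The order= lookup, regex= validation and flags= handling described above, modelled in PHP as an added example. This is not the plugin's source: the function names, the first-match lookup behaviour and the sample request data are assumptions made for illustration.

```php
<?php
// Added illustration, not the plugin's source. Function names are hypothetical.
// Build the htmlspecialchars() bitmask from a flags= string such as
// "ENT_QUOTES|ENT_HTML5", skipping names this PHP build does not define.
function parse_flags(string $spec): int
{
    $mask = 0;
    foreach (explode('|', $spec) as $name) {
        $name = trim($name);
        // Accept only ENT_* names so unrelated constants cannot be pulled in.
        if (strpos($name, 'ENT_') === 0 && defined($name)) {
            $mask |= constant($name);
        }
    }
    return $mask;
}

// Assumed lookup model: walk order= letter by letter (G, P, C, S, E) and
// return the first string found, otherwise the default.
function first_value(array $keys, string $order, array $sources, ?string $default = null): ?string
{
    foreach (str_split(strtoupper($order)) as $letter) {
        $key = $keys[$letter] ?? null;
        if ($key !== null && isset($sources[$letter][$key]) && is_string($sources[$letter][$key])) {
            return $sources[$letter][$key];
        }
    }
    return $default;
}

// regex= style check: 1 on match, 0 otherwise (including no value at all).
function validate(?string $value, string $regex): int
{
    return ($value !== null && preg_match($regex, $value) === 1) ? 1 : 0;
}

// Constructed sample request data.
$sources = [
    'G' => ['hello' => '"World"', 'index' => "12\n"],
    'S' => ['PHP_SELF' => '/index.php'],
];

echo first_value(['G' => 'hello', 'P' => 'hello', 'S' => 'PHP_SELF'], 'SPG', $sources), "\n";
$hello = first_value(['G' => 'hello'], 'G', $sources);
echo htmlspecialchars($hello, parse_flags('ENT_QUOTES|ENT_HTML5|ENT_NOT_REAL'), 'UTF-8'), "\n";

// "$" also matches before a trailing newline; "\z" anchors at the true end.
$index = first_value(['G' => 'index'], 'G', $sources);
echo validate($index, '/^\d+$/'), ' ', validate($index, '/^\d+\z/'), "\n";
```

The last line compares the pattern from the Usage summary with a `\z`-anchored variant on a value that ends in a newline. When regex= is the only gate on input, prefer `\z` (or the `D` modifier) so a trailing newline cannot pass validation.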
Additional Notes
This plugin supports parsing GET variables from SolSpace's SuperSearch module. This makes it easier to remember or modify sorting patterns without losing your search results.