Announcement

Collapse
No announcement yet.

vBulletin 4.0 Template Syntax

Collapse
X
Collapse
 

  • Scott MacVicar
    started a blog post vBulletin 4.0 Template Syntax

    vBulletin 4.0 Template Syntax

    With the style changes going into vBulletin 4.0 it is the ideal time to change the template syntax being used. The original syntax in vBulletin 3 is no longer supported and suitable replacements and enhancements have been added.

    The first thing that has been is excessive eval, before in vBulletin 3 you would find eval peppered around the code everytime a template was being evaluated, this however has potential security implications and an overhead associated with it since none of the templates could be stored by opcode caches like APC and XCache.

    vBulletin 4 now requires variables to be registered prior to their use within templates, previously all variables available at the time the template was rendered were available but this was known to cause problems when a variable was overwritten or not available. For the moment eval is still used to render the template but only inside the method in the class, this could potentially be removed in a future release.

    The new code to render a template looks similar to below, while this may seem very verbose the registration method will allow more optimizations to be performed in the future.

    PHP Code:
                $templater vB_Template::create('forumhome_event');
                    
    $templater->register('callink'$callink);
                    
    $templater->register('daysevents'$daysevents);
                    
    $templater->register('eventdate'$eventdate);
                    
    $templater->register('eventdates'$eventdates);
                
    $upcomingevents $templater->render(); 
    The templates themselves also use a new syntax themselves, these have been namespaced for performance reasons. During scanning we only need to look at tags that have the vb namespace. Due to the way the scanner is written to provide a new tag syntax a class has to be dropped in with a validate and compile method defined.

    Code:
    <vb:if condition="$var == 2">
    Value is 2
    <vb:elseif condition="$var == 3" />
    Value is 3
    <vb:else />
    Value is {vb:raw var}
    </vb:if>
    So as you can see we've added an elseif condition to templates, another commonly requested feature was a loop.

    Code:
    <vb:each from="myarray" value="foo">
    Hi {vb:raw foo}
    </vb:each>
    For content that helps describe the value of a template but has little use in being in the output we can use the new comment tag, when the templates are compiled these will be left out of the output. This can potentially help save in bandwidth.
    Code:
    <div class="someclass">
    Output: Test
    <vb:comment>
    This won't be printed as comments are stripped at compile time.
    </vb:comment>
    </div>
    For the cases in which we wish to print literal text and do no variable evaluation or tag parsing we can use the literal tag, everything will be printed exactly as it is within the tags.
    Code:
    <vb:literal>
    <vb:if condition="$var == 'test'">
    Some test
    </vb:if>
    </vb:literal>
    In addition to the new tag syntax, we've also introduced a short hand curly syntax for simpler actions and some output formatting on variables. This moves the requirement to do formatting within the code to the template layer.

    Dates can be formatted based on a timestamp, the second parameter indicates the format, if left blank the default board format is used.
    Code:
    {vb:date {vb:raw var}}
    {vb:date {vb:raw var}, Z}
    {vb:time {vb:raw var}}
    {vb:time H:i}
    There is also a shorter if condition, when you only want a simple if, else.
    Code:
    {vb:if 1+1 == 2, 'It does make 2', 'Ooops, maths fail!'}
    Number formatting
    Code:
    {vb:number 1000.1234, 3}
    In an attempt to reduce the likelihood of XSS attacks there is now the concept of raw phrases and raw variables, anything without the raw prefix will automatically be escaped with htmlspecialchars_uni() before being evaluated.
    Code:
    {vb:phrase phrasename, {vb:raw var}, '<script>alert(document.cookie);'}
    {vb:rawphrase phrasename, {vb:raw var}, '<script>alert(document.cookie);'}
    The second example here will execute javascript, the first will print the escaped text.

    For variable access we have the regular kind, the raw variables and finally a short hand method.
    Code:
    {vb:var username}
    {$username}
    The above two curlys will provide the exact same output, the latter being a little less verbose.

    Finally to complete the new syntax we are now offering more detailed error messages, when an invalid syntax is used we can tell the user what line this occurred and what was malformed.

    • Abdulla Ashoor
      #72
      Abdulla Ashoor commented
      Editing a comment
      so cool

    • dfidler
      #73
      dfidler commented
      Editing a comment
      This is a step in the right direction, but we're still missing something. If I'm honest, I was really hoping that we could do something like this this

    • valdet
      #74
      valdet commented
      Editing a comment
      In relation to this thread does anyone know how do I get around to using this simple image rotator for vB4

      Code:
      $random_number = mt_rand(1, 5);
      
      $random_banner[1] = '<img src="path/to/image1.gif" alt="" border="0" /></a>';
      $random_banner[2] = '<img src="path/to/image2.gif" alt="" border="0" /></a>';
      $random_banner[3] = '<img src="path/to/image3.gif" alt="" border="0" /></a>';
      $random_banner[4] = '<img src="path/to/image4.gif" alt="" border="0" /></a>';
      $random_banner[5] = '<img src="path/to/image5.gif" alt="" border="0" /></a>';
      On vb3 I just dropped $random_banner[$random_number] anywhere I wanted on templates and I had the expected result.

      Now for vB4 this doesn't work and I would like to know how to make it work with the new vb4 syntax. Thanks
    Posting comments is disabled.

Related Topics

Collapse

Working...
X