Skip to content

Commit 78636d2

Browse files
committed
Merge branch 'master' of https://github.com/slimphp/PHP-View
2 parents de3b4b1 + 4e54c44 commit 78636d2

1 file changed

Lines changed: 10 additions & 4 deletions

File tree

README.md

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,12 @@
33
This is a renderer for rendering PHP view scripts into a PSR-7 Response object. It works well with Slim Framework 3.
44

55

6+
### Cross-site scripting (XSS) risks
7+
8+
Note that PHP-View has no built-in mitigation from XSS attacks. It is the developer's responsibility to use `htmlspecialchars()` or a component like [zend-escaper](https://github.com/zendframework/zend-escaper). Alternatively, consider [Twig-View](https://github.com/slimphp/Twig-View).
9+
10+
11+
612
## Templates
713
You may use `$this` inside your php templates. `$this` will be the actual PhpRenderer object will allow you to render sub-templates
814

@@ -13,7 +19,7 @@ Install with [Composer](http://getcomposer.org):
1319
composer require slim/php-view
1420

1521

16-
## Usage With Slim 3
22+
## Usage with Slim 3
1723

1824
```php
1925
use Slim\Views\PhpRenderer;
@@ -45,16 +51,16 @@ $response = $phpView->render(new Response(), "/path/to/template.php", $yourData)
4551
You can now add variables to your renderer that will be available to all templates you render.
4652

4753
```php
48-
//Via the constructor
54+
// via the constructor
4955
$templateVariables = [
5056
"title" => "Title"
5157
];
5258
$phpView = new PhpRenderer("./path/to/templates", $templateVariables);
5359

54-
//Or Setter
60+
// or setter
5561
$phpView->setAttributes($templateVariables);
5662

57-
//Or Individually
63+
// or individually
5864
$phpView->addAttribute($key, $value);
5965
```
6066

0 commit comments

Comments
 (0)