2023-02-06 14:42:31 +01:00
# escape
2021-12-03 11:59:22 +01:00
`escape` is used to encode or escape a variable to `html` , `url` ,
`single quotes` , `hex` , `hexentity` , `javascript` and `mail` . By default
its `html` .
2023-02-06 14:42:31 +01:00
## Basic usage
```smarty
{$myVar|escape}
```
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
## Parameters
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
| Parameter Position | Type | Required | Possible Values | Default | Description |
|--------------------|---------|----------|----------------------------------------------------------------------------------------------------------------|---------|--------------------------------------------------------------------------------------|
| 1 | string | No | `html` , `htmlall` , `url` , `urlpathinfo` , `quotes` , `hex` , `hexentity` , `javascript` , `mail` | `html` | This is the escape format to use. |
| 2 | string | No | `ISO-8859-1` , `UTF-8` , and any character set supported by [`htmlentities()` ](https://www.php.net/htmlentities ) | `UTF-8` | The character set encoding passed to htmlentities() et. al. |
| 3 | boolean | No | FALSE | TRUE | Double encode entities from & to & (applies to `html` and `htmlall` only) |
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
## Examples
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
```php
<?php
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
$smarty->assign('articleTitle',
"'Stiff Opposition Expected to Casketless Funeral Plan'"
);
$smarty->assign('EmailAddress','smarty@example .com');
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
```
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
These are example `escape` template lines followed by the output
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
```smarty
{$articleTitle}
'Stiff Opposition Expected to Casketless Funeral Plan'
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{$articleTitle|escape}
' ;Stiff Opposition Expected to Casketless Funeral Plan' ;
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{$articleTitle|escape:'html'} {* escapes & " ' < > *}
' ;Stiff Opposition Expected to Casketless Funeral Plan' ;
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{$articleTitle|escape:'htmlall'} {* escapes ALL html entities *}
' ;Stiff Opposition Expected to Casketless Funeral Plan' ;
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
<a href="?title={$articleTitle|escape:'url'}">click here</a>
<a
href="?title=%27Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan%27">click here</a>
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{$articleTitle|escape:'quotes'}
\'Stiff Opposition Expected to Casketless Funeral Plan\'
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a>
{$EmailAddress|escape:'mail'} {* this converts to email to text *}
<a href="mailto:%62%6f%..snip..%65%74">b ;o ;b ..snip..e ;t ;</a>
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{'mail@example .com'|escape:'mail'}
smarty [AT] example [DOT] com
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
{* the "rewind" parameter registers the current location *}
<a href="$my_path?page=foo&rewind={$my_uri|escape:url}">click here</a>
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
```
2021-12-03 11:59:22 +01:00
This snippet is useful for emails, but see also
2023-02-06 14:42:31 +01:00
[`{mailto}` ](../language-custom-functions/language-function-mailto.md )
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
```smarty
{* email address mangled *}
<a href="mailto:{$EmailAddress|escape:'hex'}">{$EmailAddress|escape:'mail'}</a>
```
2021-12-03 11:59:22 +01:00
2023-02-06 14:42:31 +01:00
See also [escaping smarty parsing ](../language-basic-syntax/language-escaping.md ),
[`{mailto}` ](../language-custom-functions/language-function-mailto.md ) and the [obfuscating email
addresses](../../appendixes/tips.md#obfuscating -e-mail-addresses) page.
