For more information... RTFM!
NAVIGATION
PAGES THAT LINK HERE
ACCOUNT LOGIN

You are not logged in

Powered by Interchange version 5.7.0

safe_data

Allow loop sub-tags to return Interchange tags and variables verbatim.

Valid values

Valid values are 0 and 1.  The default is 0.

Description

By default, Interchange does not allow data returned from the database to be interpolated (all "[" characters are converted to the "[" HTML entity and displayed literally).  Setting this pragma lifts this restriction, allowing tags to return "[" characters verbatim.

If you want to have Interchange tags in your database and display them in Interchange pages (perhaps to use the [area] tag to generate internal URIs for use in links inside product description text), then you need to enable this pragma.

It is always better to use the safe_data attribute, available to certain tags, or perhaps the [pragma safe_data] (for a whole page), or even [tag pragma safe_data]...[/tag] (for a small block of Interchange tag code on a page), rather than setting a website-wide safe_data Pragma.

It is strongly recommended that you surround affected code with a [restrict] tag to only allow specific ICML tags to be interpolated.  You risk security compromises if you allow [calc], [perl] or any other similarly powerful tags.

Be certain that you absolutely know how the data got into your databases, and where it will be used.  Consider the following:

  • Will it always be possible to interpolate?
  • What about e-mailed plain-text receipts?  Will literal [area] tags show up in product descriptions in the receipt?
  • Would the desired output of <a href="..."> be any better than a simple plain text?
  • What if you access your database from applications other than Interchange?  You'd then have to decide what to do with such tags.  Perhaps you could simply strip them, but will the missing output cause trouble?

Warning

Warning

Watch out for parse order with [tag pragma] or [restrict], when used with lists that retrieve data from the database, such as [PREFIX-*] and the flypage.  Loops parse before ordinary tags, such as [tag] and [restrict], and are therefore not affected by them.  You can resolve this by enclosing the entire loop tag with [tag] or [restrict] etc.

See the Interchange tag parsing order documentation for more information.

Warning

Warning

safe_data is disabled, by default, for a very good reason.  You should be very careful if you decide to enable it.

Category:  Interchange pragmas
Last modified by: Kevin Walsh
Modification date: Monday 2 July 2007 at 11:46 PM (EDT)
Home  |  Legal nonsense  |  Privacy policy  |  Donations  |  Contact us