Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
The Lumber Mill - XSLT For Your Templates
1. FrOSCon
Bastian Feder, Thomas Weinert
"The Lumber Mill"
Using XSLT For Your Templates
2. About Us
● Application Developer
– PHP
– XSLT/XPath
– (some) JavaScript
● papaya CMS
– PHP based Content Management System
– uses XSLT for Templates
3. About You
● Who are you?
● Do you use XSLT?
● How often do you use XSLT?
● Do you use other template systems/languages?
● Smarty?
● TypoScript?
● ...?
5. XSL
● XML
– Semantic variable tree
● XPath
– Query language for XML trees
● XSLT
– Transforming XML
● Conditions
● Loops
● …
6. Comparison
● PHP based ● XSLT
– Individual syntax – Standardized
– Individual tools syntax
– Individual
– Free and
documentation commercial tools
– Different flavors
– Documentation of
for different the standard and
purpose the
implementations
– Easy Syntax?
– One to rule them
all
7. Nodes
● texts/text[@ident='foo']/*
● texts/text[@ident='foo']/text()
● texts/text[@ident='foo']/node()
● texts/text[@ident='foo']/@value
Elements Text nodes Attributes
* text() @*
node()
8. Template call/apply
● <xsl:call-template/>
– Call templates by name
● <xsl:apply-templates/>
– Template matching
– Most exact pattern wins
● Current node
● Parameters
● Modes
9. Static Templates Files
● Template files should not be writable by the
web server
– Security
– Tools
● Template files should not be generated from
PHP
– Same reasons
– Context
10. Collecting Output
Page (HTML)
Page (XML)
Part 1 (HTML) Part 2 (HTML)
Main (XML) Part 1 (XML) Part 2 (XML)
11. Caching Output
Page (HTML)
Page (XML)
Cache
Part 1 (HTML) Part 2 (HTML)
Main (XML) Part 1 (XML) Part 2 (XML)
12. Embedding Output
● Escaping and CDATA-Sections
– CDATA is for readability and whitespaces
● <xsl:copy-of select=“...“/>
● disable-output-escaping=“yes“
● Dangers
– HTML Injection
14. Multiple Columns Template
● Group items
– Calculate positions
● Call item group templates
● Call item generic template
● Use itemType parameter to identify item
template
● Call type specific template for item
15. XML Data Files
● Wellformed XML
● XPath: document()
● URI
– Single loading
17. EXSLT
● Community initiative to provide extensions to
XSLT
– Common
– Functions
– Math, Random
– Strings, Regular Expressions
– Dates and Times
– Sets
– Dynamic
18. EXSLT: functions module
● Make templates to functions
– func:function
– func:result
● Namespace required
– func
– Own
19. PHP
● Streamwrapper
– return XML data for document()
● Callbacks
– call php source
20. Streamwrapper
● PHP file functions use stream wrappers
– Internal: http, ftp, phar, …
● Register own stream wrappers
– PHP class
– Basic functions
● stream_open(), stream_read(), stream_tell(),
stream_seek(), stream_eof(),
– url_stat()
● No php source!
24. ext/xslcache
● Process cache
● Performance increase
● Still evaluating
– Only some checks in php requests
● Only static XSLT
● Same library like ext/xsl
– eXSLT
– PHP callbacks