Uscita la versione 2.4.0 del noto template engine Savant. E' possibile scaricarlo a questo indirizzo.
Changelog:
- Added new methods for automated escaping of output: setEscape() and addEscape() to manage the escape callbacks, getEscape() to retrieve the list of callbacks, escape() to escape-and-return a value, and _() to escape-and-echo a value. The default escaping is htmlspecialchars().
- Please note that echo and print still work, but they're not "XSS-preventive by default". All your templates as they are will continue to work just as they have, but you should consider updating them to take advantage of the new methods.