Repository files navigation

An easy to use HTML5 generator written in PHP. Creates valid and secure HTML5 code.

To install the library I would recommend to use Composer. Execute the following command

$ composer require patrickschur/html5gen

or add this to yourcomposer.json

{"require": {"patrickschur/html5gen":"*"  }}

Because the script is not really big you could also copy theHtml5Gen.php out of thesrc folder to use the script without Composer.

require'vendor/autoload.php';useHtml5Gen\Html5GenasH;// shorthandechoH::html([],function() {    H::head();    H::body();});

outputs:

<!DOCTYPE html><html><head></head><body></body></html>

All elements have one thing in common, all of them expect attributes.That is also the reason why it is the first parameter of all methods.You can specify attributes by an array. Where the key is the name of the attribute and the value the attribute value.If you do not want to specify attributes, leave the array empty.You can also omit the array if you do not use a callback.

echoH::html(['lang' =>'en','dir' =>'ltr'],function() {    H::head();    H::body([],function () {        H::p(['class' =>'foo bar']);    });});

outputs:

<!DOCTYPE html><htmllang="en"dir="ltr"><head></head><body><pclass="foo bar"></p></body></html>

The second and last parameter is the a callback function defined by the user.This lets you write a more generic code and allows the nesting of elements.With theyield keyword it is possible to write text into the current element without terminating the function.

Notice: Elements likebase,br,meta,area,input,wbr,hr,link,param,source,col andimg can not have a callback, only attributes.

echoH::html([],function() {    H::head([],function () {        H::meta(['charset' =>'UTF-8']);    });    H::body([],function ()    {foreach (range(0,10)as$number) {            H::p([],function ()use ($number) {yield$number;            });        }    });});

outputs:

<!DOCTYPE html><html><head><metacharset="UTF-8"></head><body><p>0</p><p>1</p><p>2</p><p>3</p><p>4</p><p>5</p><p>6</p><p>7</p><p>8</p><p>9</p><p>10</p></body></html>

The script will automatically detect if it is useful to escape a value or not.For example if you want to define ascript tag, it would not be useful to escape, because that destroys the logic of a script.But if you use apre tag it makes much more sense to escape the value. Also works for attributes.

echoH::html([],function() {    H::head([]);    H::body([],function () {// A really bad attribute value        H::pre(['id' =>'"\'"'],function () {yield'<script>alert(1);</script>';// maybe some user code?        });// Be careful with that and do not use user code in it        H::script([],function () {yield'var x = Math.floor(Math.random() * 100);';yield'alert(0 < x < 100);';        });    });});

outputs:

<!DOCTYPE html><html><head></head><body><preid="&quot;'&quot;">&lt;script&gt;alert(1);&lt;/script&gt;</pre><script>varx=Math.floor(Math.random()*100);alert(0<x<100);</script></body></html>

• Exists the attribute for the element? (Find a better implementation of that!)
• Is the given attribute value allowed for the specified attribute?
• Is the element allowed in the current element?
• Check the document for bad practices. For example duplicate id references.
• Check thenonce andintegrity attribute on the correctness.

Feel free to contribute. Any help is welcome.

This projects is licensed under the terms of the MIT license.