Twig for Developers ¶
This chapter describes the API to Twig and not the template language. It will be most useful as reference to those implementing the template interface to the application and not those who are creating Twig templates.
Basics ¶
Twig uses a central object called the environment (of class
\Twig\Environment
). Instances of this class are used to store the
configuration and extensions, and are used to load templates.
Most applications create one \Twig\Environment
object on application
initialization and use that to load templates. In some cases, it might be useful
to have multiple environments side by side, with different configurations.
The typical way to configure Twig to load templates for an application looks roughly like this:
1 2 3 4 5 6 |
require_once '/path/to/vendor/autoload.php';
$loader = new \Twig\Loader\FilesystemLoader('/path/to/templates');
$twig = new \Twig\Environment($loader, [
'cache' => '/path/to/compilation_cache',
]);
|
This creates a template environment with a default configuration and a loader
that looks up templates in the /path/to/templates/
directory. Different
loaders are available and you can also write your own if you want to load
templates from a database or other resources.
Note
Notice that the second argument of the environment is an array of options.
The cache
option is a compilation cache directory, where Twig caches
the compiled templates to avoid the parsing phase for sub-sequent
requests. It is very different from the cache you might want to add for
the evaluated templates. For such a need, you can use any available PHP
cache library.
Rendering Templates ¶
To load a template from a Twig environment, call the load()
method which
returns a \Twig\TemplateWrapper
instance:
1 |
$template = $twig->load('index.html');
|
To render the template with some variables, call the render()
method:
1 |
echo $template->render(['the' => 'variables', 'go' => 'here']);
|
Note
The display()
method is a shortcut to output the rendered template.
You can also load and render the template in one fell swoop:
1 |
echo $twig->render('index.html', ['the' => 'variables', 'go' => 'here']);
|
If a template defines blocks, they can be rendered individually via the
renderBlock()
call:
1 |
echo $template->renderBlock('block_name', ['the' => 'variables', 'go' => 'here']);
|
Environment Options ¶
When creating a new \Twig\Environment
instance, you can pass an array of
options as the constructor second argument:
1 |
$twig = new \Twig\Environment($loader, ['debug' => true]);
|
The following options are available:
debug
booleanデバッグブール値When set to
true
, the generated templates have a__toString()
method that you can use to display the generated nodes (default tofalse
).true に設定すると、生成されたテンプレートには、生成されたノードを表示するために使用できる __toString() メソッドが含まれます (デフォルトは false)。charset
string (defaults toutf-8
)文字セット文字列 (デフォルトは utf-8)The charset used by the templates.
テンプレートで使用される文字セット。cache
string orfalse
キャッシュ文字列または falseAn absolute path where to store the compiled templates, or
false
to disable caching (which is the default).コンパイルされたテンプレートを保存する絶対パス。キャッシュを無効にする場合は false (デフォルト)。auto_reload
booleanauto_reload ブール値When developing with Twig, it's useful to recompile the template whenever the source code changes. If you don't provide a value for the
auto_reload
option, it will be determined automatically based on thedebug
value.Twig で開発する場合、ソース コードが変更されるたびにテンプレートを再コンパイルすると便利です。 auto_reload オプションの値を指定しない場合、debug 値に基づいて自動的に決定されます。strict_variables
booleanstrict_variables ブール値If set to
false
, Twig will silently ignore invalid variables (variables and or attributes/methods that do not exist) and replace them with anull
value. When set totrue
, Twig throws an exception instead (default tofalse
).false に設定すると、Twig は無効な変数 (存在しない変数や属性/メソッド) を黙って無視し、null 値に置き換えます。 true に設定すると、Twig は代わりに例外をスローします (デフォルトは false)。autoescape
string自動エスケープ文字列Sets the default auto-escaping strategy (
name
,html
,js
,css
,url
,html_attr
, or a PHP callback that takes the template "filename" and returns the escaping strategy to use -- the callback cannot be a function name to avoid collision with built-in escaping strategies); set it tofalse
to disable auto-escaping. Thename
escaping strategy determines the escaping strategy to use for a template based on the template filename extension (this strategy does not incur any overhead at runtime as auto-escaping is done at compilation time.)デフォルトの自動エスケープ戦略 (name、html、js、css、url、html_attr、またはテンプレート「ファイル名」を受け取り、使用するエスケープ戦略を返す PHP コールバックを設定します。組み込みのエスケープ戦略);自動エスケープを無効にするには、false に設定します。名前エスケープ戦略は、テンプレートのファイル名拡張子に基づいて、テンプレートに使用するエスケープ戦略を決定します (自動エスケープはコンパイル時に行われるため、この戦略では実行時にオーバーヘッドが発生しません)。optimizations
integer最適化整数A flag that indicates which optimizations to apply (default to
-1
-- all optimizations are enabled; set it to0
to disable).どの最適化を適用するかを示すフラグ (デフォルトは -1 -- すべての最適化が有効、無効にするには 0 に設定)。
Loaders ¶
Loaders are responsible for loading templates from a resource such as the file system.
Compilation Cache ¶
All template loaders can cache the compiled templates on the filesystem for future reuse. It speeds up Twig a lot as templates are only compiled once.
Built-in Loaders ¶
Here is a list of the built-in loaders:
\Twig\Loader\FilesystemLoader
¶
\Twig\Loader\FilesystemLoader
loads templates from the file system. This loader
can find templates in folders on the file system and is the preferred way to
load them:
1 |
$loader = new \Twig\Loader\FilesystemLoader($templateDir);
|
It can also look for templates in an array of directories:
1 |
$loader = new \Twig\Loader\FilesystemLoader([$templateDir1, $templateDir2]);
|
With such a configuration, Twig will first look for templates in
$templateDir1
and if they do not exist, it will fallback to look for them
in the $templateDir2
.
You can add or prepend paths via the addPath()
and prependPath()
methods:
1 2 |
$loader->addPath($templateDir3);
$loader->prependPath($templateDir4);
|
The filesystem loader also supports namespaced templates. This allows to group your templates under different namespaces which have their own template paths.
When using the setPaths()
, addPath()
, and prependPath()
methods,
specify the namespace as the second argument (when not specified, these
methods act on the "main" namespace):
1 |
$loader->addPath($templateDir, 'admin');
|
Namespaced templates can be accessed via the special
@namespace_name/template_path
notation:
1 |
$twig->render('@admin/index.html', []);
|
\Twig\Loader\FilesystemLoader
supports absolute and relative paths. Using relative
paths is preferred as it makes the cache keys independent of the project root
directory (for instance, it allows warming the cache from a build server where
the directory might be different from the one used on production servers):
1 |
$loader = new \Twig\Loader\FilesystemLoader('templates', getcwd().'/..');
|
Note
When not passing the root path as a second argument, Twig uses getcwd()
for relative paths.
\Twig\Loader\ArrayLoader
¶
\Twig\Loader\ArrayLoader
loads a template from a PHP array. It is passed an
array of strings bound to template names:
1 2 3 4 5 6 |
$loader = new \Twig\Loader\ArrayLoader([
'index.html' => 'Hello {{ name }}!',
]);
$twig = new \Twig\Environment($loader);
echo $twig->render('index.html', ['name' => 'Fabien']);
|
This loader is very useful for unit testing. It can also be used for small projects where storing all templates in a single PHP file might make sense.
Tip
When using the Array
loader with a cache mechanism, you should know that
a new cache key is generated each time a template content "changes" (the
cache key being the source code of the template). If you don't want to see
your cache grows out of control, you need to take care of clearing the old
cache file by yourself.
\Twig\Loader\ChainLoader
¶
\Twig\Loader\ChainLoader
delegates the loading of templates to other loaders:
1 2 3 4 5 6 7 8 9 10 11 |
$loader1 = new \Twig\Loader\ArrayLoader([
'base.html' => '{% block content %}{% endblock %}',
]);
$loader2 = new \Twig\Loader\ArrayLoader([
'index.html' => '{% extends "base.html" %}{% block content %}Hello {{ name }}{% endblock %}',
'base.html' => 'Will never be loaded',
]);
$loader = new \Twig\Loader\ChainLoader([$loader1, $loader2]);
$twig = new \Twig\Environment($loader);
|
When looking for a template, Twig tries each loader in turn and returns as soon
as the template is found. When rendering the index.html
template from the
above example, Twig will load it with $loader2
but the base.html
template will be loaded from $loader1
.
Note
You can also add loaders via the addLoader()
method.
Create your own Loader ¶
All loaders implement the \Twig\Loader\LoaderInterface
:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
interface \Twig\Loader\LoaderInterface
{
/**
* Returns the source context for a given template logical name.
*
* @param string $name The template logical name
*
* @return \Twig\Source
*
* @throws \Twig\Error\LoaderError When $name is not found
*/
public function getSourceContext($name);
/**
* Gets the cache key to use for the cache for a given template name.
*
* @param string $name The name of the template to load
*
* @return string The cache key
*
* @throws \Twig\Error\LoaderError When $name is not found
*/
public function getCacheKey($name);
/**
* Returns true if the template is still fresh.
*
* @param string $name The template name
* @param timestamp $time The last modification time of the cached template
*
* @return bool true if the template is fresh, false otherwise
*
* @throws \Twig\Error\LoaderError When $name is not found
*/
public function isFresh($name, $time);
/**
* Check if we have the source code of a template, given its name.
*
* @param string $name The name of the template to check if we can load
*
* @return bool If the template source code is handled by this loader or not
*/
public function exists($name);
}
|
The isFresh()
method must return true
if the current cached template
is still fresh, given the last modification time, or false
otherwise.
The getSourceContext()
method must return an instance of \Twig\Source
.
Using Extensions ¶
Twig extensions are packages that add new features to Twig. Register an
extension via the addExtension()
method:
1 |
$twig->addExtension(new \Twig\Extension\SandboxExtension());
|
Twig comes bundled with the following extensions:
- TwigExtensionCoreExtension: Defines all the core features of Twig.TwigExtensionCoreExtension: Twig のすべてのコア機能を定義します。
- TwigExtensionDebugExtension: Defines the
dump
function to help debug template variables.TwigExtensionDebugExtension: テンプレート変数のデバッグに役立つダンプ関数を定義します。 - TwigExtensionEscaperExtension: Adds automatic output-escaping and the
possibility to escape/unescape blocks of code.TwigExtensionEscaperExtension: 自動出力エスケープと、コード ブロックのエスケープ/エスケープ解除の可能性を追加します。
- TwigExtensionSandboxExtension: Adds a sandbox mode to the default Twig
environment, making it safe to evaluate untrusted code.TwigExtensionSandboxExtension: デフォルトの Twigenvironment にサンドボックス モードを追加し、信頼されていないコードを安全に評価できるようにします。
- TwigExtensionProfilerExtension: Enables the built-in Twig profiler.TwigExtensionProfilerExtension: 組み込みの Twig プロファイラーを有効にします。
- TwigExtensionOptimizerExtension: Optimizes the node tree before
compilation.TwigExtensionOptimizerExtension: コンパイル前にノード ツリーを最適化します。
- TwigExtensionStringLoaderExtension: Defines the
template_from_string
-
function to allow loading templates from string in a template.
テンプレート内の文字列からテンプレートをロードできるようにする関数。
TwigExtensionStringLoaderExtension: テンプレート内の文字列からテンプレートをロードできるようにする template_from_string 関数を定義します。- TwigExtensionStringLoaderExtension: Defines the
The Core, Escaper, and Optimizer extensions are registered by default.
Built-in Extensions ¶
This section describes the features added by the built-in extensions.
Tip
Read the chapter about extending Twig to learn how to create your own extensions.
Core Extension ¶
The core
extension defines all the core features of Twig:
Escaper Extension ¶
The escaper
extension adds automatic output escaping to Twig. It defines a
tag, autoescape
, and a filter, raw
.
When creating the escaper extension, you can switch on or off the global output escaping strategy:
1 2 |
$escaper = new \Twig\Extension\EscaperExtension('html');
$twig->addExtension($escaper);
|
If set to html
, all variables in templates are escaped (using the html
escaping strategy), except those using the raw
filter:
1 |
{{ article.to_html|raw }}
|
You can also change the escaping mode locally by using the autoescape
tag:
1 2 3 4 5 |
{% autoescape 'html' %}
{{ var }}
{{ var|raw }} {# var won't be escaped #}
{{ var|escape }} {# var won't be double-escaped #}
{% endautoescape %}
|
Warning
The autoescape
tag has no effect on included files.
The escaping rules are implemented as follows:
Literals (integers, booleans, arrays, ...) used in the template directly as variables or filter arguments are never automatically escaped:
テンプレートで変数またはフィルター引数として直接使用されるリテラル (整数、ブール値、配列など) は、自動的にエスケープされることはありません。1 2 3 4
{{ "Twig<br/>" }} {# won't be escaped #} {% set text = "Twig<br/>" %} {{ text }} {# will be escaped #}
Expressions which the result is a literal or a variable marked safe are never automatically escaped:
結果がリテラルまたは safe とマークされた変数である式は、自動的にエスケープされることはありません。1 2 3 4 5 6 7 8
{{ foo ? "Twig<br/>" : "<br/>Twig" }} {# won't be escaped #} {% set text = "Twig<br/>" %} {{ true ? text : "<br/>Twig" }} {# will be escaped #} {{ false ? text : "<br/>Twig" }} {# won't be escaped #} {% set text = "Twig<br/>" %} {{ foo ? text|raw : "<br/>Twig" }} {# won't be escaped #}
Objects with a
__toString
method are converted to strings and escaped. You can mark some classes and/or interfaces as being safe for some strategies viaEscaperExtension::addSafeClass()
:__toString メソッドを持つオブジェクトは文字列に変換され、エスケープされます。 EscaperExtension::addSafeClass() を使用して、いくつかのクラスやインターフェースをいくつかの戦略に対して安全であるとマークすることができます。1 2 3 4 5 6 7 8 9 10 11
// mark object of class Foo as safe for the HTML strategy $escaper->addSafeClass('Foo', ['html']); // mark object of interface Foo as safe for the HTML strategy $escaper->addSafeClass('FooInterface', ['html']); // mark object of class Foo as safe for the HTML and JS strategies $escaper->addSafeClass('Foo', ['html', 'js']); // mark object of class Foo as safe for all strategies $escaper->addSafeClass('Foo', ['all']);
Escaping is applied before printing, after any other filter is applied:
他のフィルタが適用された後、印刷前にエスケープが適用されます。1
{{ var|upper }} {# is equivalent to {{ var|upper|escape }} #}
The `raw` filter should only be used at the end of the filter chain:
`raw` フィルターは、フィルター チェーンの最後でのみ使用する必要があります。1 2 3
{{ var|raw|upper }} {# will be escaped #} {{ var|upper|raw }} {# won't be escaped #}
Automatic escaping is not applied if the last filter in the chain is marked safe for the current context (e.g.
html
orjs
).escape
andescape('html')
are marked safe for HTML,escape('js')
is marked safe for JavaScript,raw
is marked safe for everything.チェーンの最後のフィルターが現在のコンテキスト (html や js など) に対して安全であるとマークされている場合、自動エスケープは適用されません。 escape および escape('html') は HTML に対して安全であるとマークされ、escape('js') は JavaScript に対して安全であるとマークされ、raw はすべてに対して安全であるとマークされています。1 2 3 4 5
{% autoescape 'js' %} {{ var|escape('html') }} {# will be escaped for HTML and JavaScript #} {{ var }} {# will be escaped for JavaScript #} {{ var|escape('js') }} {# won't be double-escaped #} {% endautoescape %}
Note
Note that autoescaping has some limitations as escaping is applied on
expressions after evaluation. For instance, when working with
concatenation, {{ foo|raw ~ bar }}
won't give the expected result as
escaping is applied on the result of the concatenation, not on the
individual variables (so, the raw
filter won't have any effect here).
Sandbox Extension ¶
The sandbox
extension can be used to evaluate untrusted code. Access to
unsafe attributes and methods is prohibited. The sandbox security is managed
by a policy instance. By default, Twig comes with one policy class:
\Twig\Sandbox\SecurityPolicy
. This class allows you to white-list some
tags, filters, properties, and methods:
1 2 3 4 5 6 7 8 9 10 |
$tags = ['if'];
$filters = ['upper'];
$methods = [
'Article' => ['getTitle', 'getBody'],
];
$properties = [
'Article' => ['title', 'body'],
];
$functions = ['range'];
$policy = new \Twig\Sandbox\SecurityPolicy($tags, $filters, $methods, $properties, $functions);
|
With the previous configuration, the security policy will only allow usage of
the if
tag, and the upper
filter. Moreover, the templates will only be
able to call the getTitle()
and getBody()
methods on Article
objects, and the title
and body
public properties. Everything else
won't be allowed and will generate a \Twig\Sandbox\SecurityError
exception.
The policy object is the first argument of the sandbox constructor:
1 2 |
$sandbox = new \Twig\Extension\SandboxExtension($policy);
$twig->addExtension($sandbox);
|
By default, the sandbox mode is disabled and should be enabled when including
untrusted template code by using the sandbox
tag:
1 2 3 |
{% sandbox %}
{% include 'user.html' %}
{% endsandbox %}
|
You can sandbox all templates by passing true
as the second argument of
the extension constructor:
1 |
$sandbox = new \Twig\Extension\SandboxExtension($policy, true);
|
Profiler Extension ¶
The profiler
extension enables a profiler for Twig templates; it should
only be used on your development machines as it adds some overhead:
1 2 3 4 5 |
$profile = new \Twig\Profiler\Profile();
$twig->addExtension(new \Twig\Extension\ProfilerExtension($profile));
$dumper = new \Twig\Profiler\Dumper\TextDumper();
echo $dumper->dump($profile);
|
A profile contains information about time and memory consumption for template, block, and macro executions.
You can also dump the data in a Blackfire.io compatible format:
1 2 |
$dumper = new \Twig\Profiler\Dumper\BlackfireDumper();
file_put_contents('/path/to/profile.prof', $dumper->dump($profile));
|
Upload the profile to visualize it (create a free account first):
1 |
blackfire --slot=7 upload /path/to/profile.prof
|
Optimizer Extension ¶
The optimizer
extension optimizes the node tree before compilation:
1 |
$twig->addExtension(new \Twig\Extension\OptimizerExtension());
|
By default, all optimizations are turned on. You can select the ones you want to enable by passing them to the constructor:
1 2 3 |
$optimizer = new \Twig\Extension\OptimizerExtension(\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_FOR);
$twig->addExtension($optimizer);
|
Twig supports the following optimizations:
\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_ALL
, enables all optimizations (this is the default value).\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_ALL、すべての最適化を有効にします (これはデフォルト値です)。\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_NONE
, disables all optimizations. This reduces the compilation time, but it can increase the execution time and the consumed memory.\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_NONE は、すべての最適化を無効にします。これにより、コンパイル時間が短縮されますが、実行時間と消費メモリが増加する可能性があります。\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_FOR
, optimizes thefor
tag by removing theloop
variable creation whenever possible.\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_FOR は、可能な限りループ変数の作成を削除して for タグを最適化します。\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_RAW_FILTER
, removes theraw
filter whenever possible.\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_RAW_FILTER は、可能な限り rawfilter を削除します。\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_VAR_ACCESS
, simplifies the creation and access of variables in the compiled templates whenever possible.\Twig\NodeVisitor\OptimizerNodeVisitor::OPTIMIZE_VAR_ACCESS は、コンパイルされたテンプレートでの変数の作成とアクセスを可能な限り簡素化します。
Exceptions ¶
Twig can throw exceptions:
\Twig\Error\Error
: The base exception for all errors.\Twig\Error\Error: すべてのエラーの基本例外。\Twig\Error\SyntaxError
: Thrown to tell the user that there is a problem with the template syntax.\Twig\Error\SyntaxError: テンプレートの構文に問題があることをユーザーに伝えるためにスローされます。\Twig\Error\RuntimeError
: Thrown when an error occurs at runtime (when a filter does not exist for instance).\Twig\Error\RuntimeError: 実行時にエラーが発生した場合 (たとえば、フィルターが存在しない場合) にスローされます。\Twig\Error\LoaderError
: Thrown when an error occurs during template loading.\Twig\Error\LoaderError: テンプレートの読み込み中にエラーが発生した場合にスローされます。\Twig\Sandbox\SecurityError
: Thrown when an unallowed tag, filter, or method is called in a sandboxed template.\Twig\Sandbox\SecurityError: 許可されていないタグ、フィルター、またはメソッドがサンドボックス化されたテンプレートで呼び出されたときにスローされます。