diff options
author | Thomas Willingham <beardyunixer@beardyunixer.com> | 2014-12-11 20:15:27 +0000 |
---|---|---|
committer | Thomas Willingham <beardyunixer@beardyunixer.com> | 2014-12-11 20:15:27 +0000 |
commit | 967ab871b836f618107fe144978bd1453c3c6634 (patch) | |
tree | 1bcb1b4bb1b25c904a2bc06f5c6d526d29909eaa /library/Smarty/libs/plugins/modifier.escape.php | |
parent | 960c35bad3a0dbaa7a1f2191aef60ad014d926ca (diff) | |
download | volse-hubzilla-967ab871b836f618107fe144978bd1453c3c6634.tar.gz volse-hubzilla-967ab871b836f618107fe144978bd1453c3c6634.tar.bz2 volse-hubzilla-967ab871b836f618107fe144978bd1453c3c6634.zip |
Update Smarty
Diffstat (limited to 'library/Smarty/libs/plugins/modifier.escape.php')
-rw-r--r-- | library/Smarty/libs/plugins/modifier.escape.php | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/library/Smarty/libs/plugins/modifier.escape.php b/library/Smarty/libs/plugins/modifier.escape.php index 32d185fce..9fdb0702f 100644 --- a/library/Smarty/libs/plugins/modifier.escape.php +++ b/library/Smarty/libs/plugins/modifier.escape.php @@ -2,23 +2,24 @@ /** * Smarty plugin * - * @package Smarty + * @package Smarty * @subpackage PluginsModifier */ /** * Smarty escape modifier plugin - * * Type: modifier<br> * Name: escape<br> * Purpose: escape string for output * - * @link http://www.smarty.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online manual) + * @link http://www.smarty.net/docs/en/language.modifier.escape * @author Monte Ohrt <monte at ohrt dot com> + * * @param string $string input string * @param string $esc_type escape type * @param string $char_set character set, used for htmlspecialchars() or htmlentities() * @param boolean $double_encode encode already encoded entitites again, used for htmlspecialchars() or htmlentities() + * * @return string escaped input string */ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true) @@ -27,7 +28,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ if ($_double_encode === null) { $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>='); } - + if (!$char_set) { $char_set = Smarty::$_CHARSET; } @@ -39,13 +40,14 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); } else { if ($double_encode) { - // php <5.3.2 - only handle double encoding + // php <5.2.3 - only handle double encoding return htmlspecialchars($string, ENT_QUOTES, $char_set); } else { - // php <5.3.2 - prevent double encoding + // php <5.2.3 - prevent double encoding $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlspecialchars($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } @@ -58,17 +60,18 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $string = htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); } else { if ($double_encode) { - // php <5.3.2 - only handle double encoding + // php <5.2.3 - only handle double encoding $string = htmlspecialchars($string, ENT_QUOTES, $char_set); } else { - // php <5.3.2 - prevent double encoding + // php <5.2.3 - prevent double encoding $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlspecialchars($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } - + // htmlentities() won't convert everything, so use mb_convert_encoding return mb_convert_encoding($string, 'HTML-ENTITIES', $char_set); } @@ -83,6 +86,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlentities($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } @@ -102,9 +106,10 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ // Note that the UTF-8 encoded character รค will be represented as %c3%a4 $return = ''; $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '%' . bin2hex($string[$x]); } + return $return; case 'hexentity': @@ -115,13 +120,15 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { $return .= '&#x' . strtoupper(dechex($unicode)) . ';'; } + return $return; } // no MBString fallback $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '&#x' . bin2hex($string[$x]) . ';'; } + return $return; case 'decentity': @@ -132,13 +139,15 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { $return .= '&#' . $unicode . ';'; } + return $return; } // no MBString fallback $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '&#' . ord($string[$x]) . ';'; } + return $return; case 'javascript': @@ -148,6 +157,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ case 'mail': if (Smarty::$_MBSTRING) { require_once(SMARTY_PLUGINS_DIR . 'shared.mb_str_replace.php'); + return smarty_mb_str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); } // no MBString fallback @@ -165,11 +175,12 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $return .= chr($unicode); } } + return $return; } $_length = strlen($string); - for ($_i = 0; $_i < $_length; $_i++) { + for ($_i = 0; $_i < $_length; $_i ++) { $_ord = ord(substr($string, $_i, 1)); // non-standard char, escape it if ($_ord >= 126) { @@ -178,11 +189,10 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $return .= substr($string, $_i, 1); } } + return $return; default: return $string; } } - -?>
\ No newline at end of file |