diff options
Diffstat (limited to 'library/Smarty/libs/plugins/modifier.escape.php')
| -rw-r--r-- | library/Smarty/libs/plugins/modifier.escape.php | 198 |
1 files changed, 0 insertions, 198 deletions
diff --git a/library/Smarty/libs/plugins/modifier.escape.php b/library/Smarty/libs/plugins/modifier.escape.php deleted file mode 100644 index 9fdb0702f..000000000 --- a/library/Smarty/libs/plugins/modifier.escape.php +++ /dev/null @@ -1,198 +0,0 @@ -<?php -/** - * Smarty plugin - * - * @package Smarty - * @subpackage PluginsModifier - */ - -/** - * Smarty escape modifier plugin - * Type: modifier<br> - * Name: escape<br> - * Purpose: escape string for output - * - * @link http://www.smarty.net/docs/en/language.modifier.escape - * @author Monte Ohrt <monte at ohrt dot com> - * - * @param string $string input string - * @param string $esc_type escape type - * @param string $char_set character set, used for htmlspecialchars() or htmlentities() - * @param boolean $double_encode encode already encoded entitites again, used for htmlspecialchars() or htmlentities() - * - * @return string escaped input string - */ -function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true) -{ - static $_double_encode = null; - if ($_double_encode === null) { - $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>='); - } - - if (!$char_set) { - $char_set = Smarty::$_CHARSET; - } - - switch ($esc_type) { - case 'html': - if ($_double_encode) { - // php >=5.3.2 - go native - return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); - } else { - if ($double_encode) { - // php <5.2.3 - only handle double encoding - return htmlspecialchars($string, ENT_QUOTES, $char_set); - } else { - // php <5.2.3 - prevent double encoding - $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); - $string = htmlspecialchars($string, ENT_QUOTES, $char_set); - $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); - - return $string; - } - } - - case 'htmlall': - if (Smarty::$_MBSTRING) { - // mb_convert_encoding ignores htmlspecialchars() - if ($_double_encode) { - // php >=5.3.2 - go native - $string = htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); - } else { - if ($double_encode) { - // php <5.2.3 - only handle double encoding - $string = htmlspecialchars($string, ENT_QUOTES, $char_set); - } else { - // php <5.2.3 - prevent double encoding - $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); - $string = htmlspecialchars($string, ENT_QUOTES, $char_set); - $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); - - return $string; - } - } - - // htmlentities() won't convert everything, so use mb_convert_encoding - return mb_convert_encoding($string, 'HTML-ENTITIES', $char_set); - } - - // no MBString fallback - if ($_double_encode) { - return htmlentities($string, ENT_QUOTES, $char_set, $double_encode); - } else { - if ($double_encode) { - return htmlentities($string, ENT_QUOTES, $char_set); - } else { - $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); - $string = htmlentities($string, ENT_QUOTES, $char_set); - $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); - - return $string; - } - } - - case 'url': - return rawurlencode($string); - - case 'urlpathinfo': - return str_replace('%2F', '/', rawurlencode($string)); - - case 'quotes': - // escape unescaped single quotes - return preg_replace("%(?<!\\\\)'%", "\\'", $string); - - case 'hex': - // escape every byte into hex - // Note that the UTF-8 encoded character รค will be represented as %c3%a4 - $return = ''; - $_length = strlen($string); - for ($x = 0; $x < $_length; $x ++) { - $return .= '%' . bin2hex($string[$x]); - } - - return $return; - - case 'hexentity': - $return = ''; - if (Smarty::$_MBSTRING) { - require_once(SMARTY_PLUGINS_DIR . 'shared.mb_unicode.php'); - $return = ''; - foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { - $return .= '&#x' . strtoupper(dechex($unicode)) . ';'; - } - - return $return; - } - // no MBString fallback - $_length = strlen($string); - for ($x = 0; $x < $_length; $x ++) { - $return .= '&#x' . bin2hex($string[$x]) . ';'; - } - - return $return; - - case 'decentity': - $return = ''; - if (Smarty::$_MBSTRING) { - require_once(SMARTY_PLUGINS_DIR . 'shared.mb_unicode.php'); - $return = ''; - foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { - $return .= '&#' . $unicode . ';'; - } - - return $return; - } - // no MBString fallback - $_length = strlen($string); - for ($x = 0; $x < $_length; $x ++) { - $return .= '&#' . ord($string[$x]) . ';'; - } - - return $return; - - case 'javascript': - // escape quotes and backslashes, newlines, etc. - return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\/')); - - case 'mail': - if (Smarty::$_MBSTRING) { - require_once(SMARTY_PLUGINS_DIR . 'shared.mb_str_replace.php'); - - return smarty_mb_str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); - } - // no MBString fallback - return str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); - - case 'nonstd': - // escape non-standard chars, such as ms document quotes - $return = ''; - if (Smarty::$_MBSTRING) { - require_once(SMARTY_PLUGINS_DIR . 'shared.mb_unicode.php'); - foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { - if ($unicode >= 126) { - $return .= '&#' . $unicode . ';'; - } else { - $return .= chr($unicode); - } - } - - return $return; - } - - $_length = strlen($string); - for ($_i = 0; $_i < $_length; $_i ++) { - $_ord = ord(substr($string, $_i, 1)); - // non-standard char, escape it - if ($_ord >= 126) { - $return .= '&#' . $_ord . ';'; - } else { - $return .= substr($string, $_i, 1); - } - } - - return $return; - - default: - return $string; - } -} |