library/smarty/libs/plugins/modifiercompiler.escape.php
author Markus Bröker <broeker.markus@googlemail.com>
Sat, 14 Nov 2015 02:40:44 +0100
changeset 24 ef2914b7af78
parent 0 4869aea77e21
permissions -rw-r--r--
Request::hasPost: Array ist immer gesetzt, Inhalt variiert
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     1
<?php
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     2
/**
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     3
 * Smarty plugin
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     4
 *
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     5
 * @package    Smarty
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     6
 * @subpackage PluginsModifierCompiler
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     7
 */
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     8
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
     9
/**
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    10
 * @ignore
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    11
 */
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    12
require_once(SMARTY_PLUGINS_DIR . 'shared.literal_compiler_param.php');
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    13
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    14
/**
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    15
 * Smarty escape modifier plugin
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    16
 * Type:     modifier<br>
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    17
 * Name:     escape<br>
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    18
 * Purpose:  escape string for output
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    19
 *
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    20
 * @link   http://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual)
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    21
 * @author Rodney Rehm
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    22
 *
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    23
 * @param array $params parameters
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    24
 * @param       $compiler
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    25
 *
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    26
 * @return string with compiled code
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    27
 */
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    28
function smarty_modifiercompiler_escape($params, $compiler) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    29
    static $_double_encode = null;
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    30
    if ($_double_encode === null) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    31
        $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>=');
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    32
    }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    33
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    34
    try {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    35
        $esc_type = smarty_literal_compiler_param($params, 1, 'html');
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    36
        $char_set = smarty_literal_compiler_param($params, 2, Smarty::$_CHARSET);
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    37
        $double_encode = smarty_literal_compiler_param($params, 3, true);
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    38
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    39
        if (!$char_set) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    40
            $char_set = Smarty::$_CHARSET;
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    41
        }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    42
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    43
        switch ($esc_type) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    44
            case 'html':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    45
                if ($_double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    46
                    return 'htmlspecialchars('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    47
                    . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    48
                    . var_export($char_set, true) . ', '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    49
                    . var_export($double_encode, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    50
                } elseif ($double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    51
                    return 'htmlspecialchars('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    52
                    . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    53
                    . var_export($char_set, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    54
                } else {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    55
                    // fall back to modifier.escape.php
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    56
                }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    57
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    58
            case 'htmlall':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    59
                if (Smarty::$_MBSTRING) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    60
                    if ($_double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    61
                        // php >=5.2.3 - go native
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    62
                        return 'mb_convert_encoding(htmlspecialchars('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    63
                        . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    64
                        . var_export($char_set, true) . ', '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    65
                        . var_export($double_encode, true)
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    66
                        . '), "HTML-ENTITIES", '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    67
                        . var_export($char_set, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    68
                    } elseif ($double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    69
                        // php <5.2.3 - only handle double encoding
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    70
                        return 'mb_convert_encoding(htmlspecialchars('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    71
                        . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    72
                        . var_export($char_set, true)
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    73
                        . '), "HTML-ENTITIES", '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    74
                        . var_export($char_set, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    75
                    } else {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    76
                        // fall back to modifier.escape.php
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    77
                    }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    78
                }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    79
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    80
                // no MBString fallback
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    81
                if ($_double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    82
                    // php >=5.2.3 - go native
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    83
                    return 'htmlentities('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    84
                    . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    85
                    . var_export($char_set, true) . ', '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    86
                    . var_export($double_encode, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    87
                } elseif ($double_encode) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    88
                    // php <5.2.3 - only handle double encoding
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    89
                    return 'htmlentities('
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    90
                    . $params[0] . ', ENT_QUOTES, '
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    91
                    . var_export($char_set, true) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    92
                } else {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    93
                    // fall back to modifier.escape.php
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    94
                }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    95
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    96
            case 'url':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    97
                return 'rawurlencode(' . $params[0] . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    98
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
    99
            case 'urlpathinfo':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   100
                return 'str_replace("%2F", "/", rawurlencode(' . $params[0] . '))';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   101
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   102
            case 'quotes':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   103
                // escape unescaped single quotes
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   104
                return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[0] . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   105
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   106
            case 'javascript':
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   107
                // escape quotes and backslashes, newlines, etc.
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   108
                return 'strtr(' . $params[0] . ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/" ))';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   109
        }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   110
    } catch (SmartyException $e) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   111
        // pass through to regular plugin fallback
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   112
    }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   113
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   114
    // could not optimize |escape call, so fallback to regular plugin
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   115
    if ($compiler->template->caching && ($compiler->tag_nocache | $compiler->nocache)) {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   116
        $compiler->template->required_plugins['nocache']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR . 'modifier.escape.php';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   117
        $compiler->template->required_plugins['nocache']['escape']['modifier']['function'] = 'smarty_modifier_escape';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   118
    } else {
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   119
        $compiler->template->required_plugins['compiled']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR . 'modifier.escape.php';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   120
        $compiler->template->required_plugins['compiled']['escape']['modifier']['function'] = 'smarty_modifier_escape';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   121
    }
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   122
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   123
    return 'smarty_modifier_escape(' . join(', ', $params) . ')';
4869aea77e21 Bröker-Framework BFW-1
Markus Bröker <broeker.markus@googlemail.com>
parents:
diff changeset
   124
}