summaryrefslogtreecommitdiff
path: root/lib/smarty/plugins/modifiercompiler.escape.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/smarty/plugins/modifiercompiler.escape.php')
-rw-r--r--lib/smarty/plugins/modifiercompiler.escape.php202
1 files changed, 112 insertions, 90 deletions
diff --git a/lib/smarty/plugins/modifiercompiler.escape.php b/lib/smarty/plugins/modifiercompiler.escape.php
index b4cd3c8..e0763ad 100644
--- a/lib/smarty/plugins/modifiercompiler.escape.php
+++ b/lib/smarty/plugins/modifiercompiler.escape.php
@@ -1,90 +1,112 @@
-<?php
-/**
- * Smarty plugin
- *
- * @package Smarty
- * @subpackage PluginsModifierCompiler
- */
-
-/**
- * @ignore
- */
-require_once( SMARTY_PLUGINS_DIR .'shared.literal_compiler_param.php' );
-
-/**
- * Smarty escape modifier plugin
- *
- * Type: modifier<br>
- * Name: escape<br>
- * Purpose: escape string for output
- *
- * @link http://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual)
- * @author Rodney Rehm
- * @param array $params parameters
- * @return string with compiled code
- */
-function smarty_modifiercompiler_escape($params, $compiler)
-{
- try {
- $esc_type = smarty_literal_compiler_param($params, 1, 'html');
- $char_set = smarty_literal_compiler_param($params, 2, Smarty::$_CHARSET);
- $double_encode = smarty_literal_compiler_param($params, 3, true);
-
- if (!$char_set) {
- $char_set = Smarty::$_CHARSET;
- }
-
- switch ($esc_type) {
- case 'html':
- return 'htmlspecialchars('
- . $params[0] .', ENT_QUOTES, '
- . var_export($char_set, true) . ', '
- . var_export($double_encode, true) . ')';
-
- case 'htmlall':
- if (Smarty::$_MBSTRING) {
- return 'mb_convert_encoding(htmlspecialchars('
- . $params[0] .', ENT_QUOTES, '
- . var_export($char_set, true) . ', '
- . var_export($double_encode, true)
- . '), "HTML-ENTITIES", '
- . var_export($char_set, true) . ')';
- }
-
- // no MBString fallback
- return 'htmlentities('
- . $params[0] .', ENT_QUOTES, '
- . var_export($char_set, true) . ', '
- . var_export($double_encode, true) . ')';
-
- case 'url':
- return 'rawurlencode(' . $params[0] . ')';
-
- case 'urlpathinfo':
- return 'str_replace("%2F", "/", rawurlencode(' . $params[0] . '))';
-
- case 'quotes':
- // escape unescaped single quotes
- return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[0] . ')';
-
- case 'javascript':
- // escape quotes and backslashes, newlines, etc.
- return 'strtr(' . $params[0] . ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/" ))';
-
- }
- } catch(SmartyException $e) {
- // pass through to regular plugin fallback
- }
-
- // could not optimize |escape call, so fallback to regular plugin
- if ($compiler->tag_nocache | $compiler->nocache) {
- $compiler->template->required_plugins['nocache']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR .'modifier.escape.php';
- $compiler->template->required_plugins['nocache']['escape']['modifier']['function'] = 'smarty_modifier_escape';
- } else {
- $compiler->template->required_plugins['compiled']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR .'modifier.escape.php';
- $compiler->template->required_plugins['compiled']['escape']['modifier']['function'] = 'smarty_modifier_escape';
- }
- return 'smarty_modifier_escape(' . join( ', ', $params ) . ')';
-}
-
-?> \ No newline at end of file
+<?php
+/**
+ * Smarty plugin
+ *
+ * @package Smarty
+ * @subpackage PluginsModifierCompiler
+ */
+/**
+ * Smarty escape modifier plugin
+ * Type: modifier
+ * Name: escape
+ * Purpose: escape string for output
+ *
+ * @link http://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual)
+ * @author Rodney Rehm
+ *
+ * @param array $params parameters
+ * @param Smarty_Internal_TemplateCompilerBase $compiler
+ *
+ * @return string with compiled code
+ * @throws \SmartyException
+ */
+function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompilerBase $compiler)
+{
+ static $_double_encode = null;
+ static $is_loaded = false;
+ $compiler->template->_checkPlugins(
+ array(
+ array(
+ 'function' => 'smarty_literal_compiler_param',
+ 'file' => SMARTY_PLUGINS_DIR . 'shared.literal_compiler_param.php'
+ )
+ )
+ );
+ if ($_double_encode === null) {
+ $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>=');
+ }
+ try {
+ $esc_type = smarty_literal_compiler_param($params, 1, 'html');
+ $char_set = smarty_literal_compiler_param($params, 2, Smarty::$_CHARSET);
+ $double_encode = smarty_literal_compiler_param($params, 3, true);
+ if (!$char_set) {
+ $char_set = Smarty::$_CHARSET;
+ }
+ switch ($esc_type) {
+ case 'html':
+ if ($_double_encode) {
+ return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+ var_export($double_encode, true) . ')';
+ } elseif ($double_encode) {
+ return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
+ } else {
+ // fall back to modifier.escape.php
+ }
+ // no break
+ case 'htmlall':
+ if (Smarty::$_MBSTRING) {
+ if ($_double_encode) {
+ // php >=5.2.3 - go native
+ return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' .
+ var_export($char_set, true) . ', ' . var_export($double_encode, true) .
+ '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
+ } elseif ($double_encode) {
+ // php <5.2.3 - only handle double encoding
+ return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' .
+ var_export($char_set, true) . '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
+ } else {
+ // fall back to modifier.escape.php
+ }
+ }
+ // no MBString fallback
+ if ($_double_encode) {
+ // php >=5.2.3 - go native
+ return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+ var_export($double_encode, true) . ')';
+ } elseif ($double_encode) {
+ // php <5.2.3 - only handle double encoding
+ return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
+ } else {
+ // fall back to modifier.escape.php
+ }
+ // no break
+ case 'url':
+ return 'rawurlencode(' . $params[ 0 ] . ')';
+ case 'urlpathinfo':
+ return 'str_replace("%2F", "/", rawurlencode(' . $params[ 0 ] . '))';
+ case 'quotes':
+ // escape unescaped single quotes
+ return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[ 0 ] . ')';
+ case 'javascript':
+ // escape quotes and backslashes, newlines, etc.
+ return 'strtr(' .
+ $params[ 0 ] .
+ ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/" ))';
+ }
+ } catch (SmartyException $e) {
+ // pass through to regular plugin fallback
+ }
+ // could not optimize |escape call, so fallback to regular plugin
+ if ($compiler->template->caching && ($compiler->tag_nocache | $compiler->nocache)) {
+ $compiler->required_plugins[ 'nocache' ][ 'escape' ][ 'modifier' ][ 'file' ] =
+ SMARTY_PLUGINS_DIR . 'modifier.escape.php';
+ $compiler->required_plugins[ 'nocache' ][ 'escape' ][ 'modifier' ][ 'function' ] =
+ 'smarty_modifier_escape';
+ } else {
+ $compiler->required_plugins[ 'compiled' ][ 'escape' ][ 'modifier' ][ 'file' ] =
+ SMARTY_PLUGINS_DIR . 'modifier.escape.php';
+ $compiler->required_plugins[ 'compiled' ][ 'escape' ][ 'modifier' ][ 'function' ] =
+ 'smarty_modifier_escape';
+ }
+ return 'smarty_modifier_escape(' . join(', ', $params) . ')';
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-02-23 17:17:45 +0000