diff options
| author | Nathan Kinkade <kinkade@measurementlab.net> | 2019-08-27 13:05:48 -0600 |
|---|---|---|
| committer | Nathan Kinkade <kinkade@measurementlab.net> | 2019-08-27 13:05:48 -0600 |
| commit | a6c179d56973e382205c8583568d635c37f814c8 (patch) | |
| tree | d144141439adac21f0c1bc2fc2caa85fd8135039 /lib/smarty-3.1.33/plugins/modifiercompiler.escape.php | |
| parent | 34972193073432105b8659407af5a914b3686f81 (diff) | |
Updates smarty to v3.1.33.
Diffstat (limited to 'lib/smarty-3.1.33/plugins/modifiercompiler.escape.php')
| -rw-r--r-- | lib/smarty-3.1.33/plugins/modifiercompiler.escape.php | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/lib/smarty-3.1.33/plugins/modifiercompiler.escape.php b/lib/smarty-3.1.33/plugins/modifiercompiler.escape.php new file mode 100644 index 0000000..e0763ad --- /dev/null +++ b/lib/smarty-3.1.33/plugins/modifiercompiler.escape.php @@ -0,0 +1,112 @@ +<?php +/** + * Smarty plugin + * + * @package Smarty + * @subpackage PluginsModifierCompiler + */ +/** + * Smarty escape modifier plugin + * Type: modifier + * Name: escape + * Purpose: escape string for output + * + * @link http://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual) + * @author Rodney Rehm + * + * @param array $params parameters + * @param Smarty_Internal_TemplateCompilerBase $compiler + * + * @return string with compiled code + * @throws \SmartyException + */ +function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompilerBase $compiler) +{ + static $_double_encode = null; + static $is_loaded = false; + $compiler->template->_checkPlugins( + array( + array( + 'function' => 'smarty_literal_compiler_param', + 'file' => SMARTY_PLUGINS_DIR . 'shared.literal_compiler_param.php' + ) + ) + ); + if ($_double_encode === null) { + $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>='); + } + try { + $esc_type = smarty_literal_compiler_param($params, 1, 'html'); + $char_set = smarty_literal_compiler_param($params, 2, Smarty::$_CHARSET); + $double_encode = smarty_literal_compiler_param($params, 3, true); + if (!$char_set) { + $char_set = Smarty::$_CHARSET; + } + switch ($esc_type) { + case 'html': + if ($_double_encode) { + return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' . + var_export($double_encode, true) . ')'; + } elseif ($double_encode) { + return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')'; + } else { + // fall back to modifier.escape.php + } + // no break + case 'htmlall': + if (Smarty::$_MBSTRING) { + if ($_double_encode) { + // php >=5.2.3 - go native + return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . + var_export($char_set, true) . ', ' . var_export($double_encode, true) . + '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')'; + } elseif ($double_encode) { + // php <5.2.3 - only handle double encoding + return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . + var_export($char_set, true) . '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')'; + } else { + // fall back to modifier.escape.php + } + } + // no MBString fallback + if ($_double_encode) { + // php >=5.2.3 - go native + return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' . + var_export($double_encode, true) . ')'; + } elseif ($double_encode) { + // php <5.2.3 - only handle double encoding + return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')'; + } else { + // fall back to modifier.escape.php + } + // no break + case 'url': + return 'rawurlencode(' . $params[ 0 ] . ')'; + case 'urlpathinfo': + return 'str_replace("%2F", "/", rawurlencode(' . $params[ 0 ] . '))'; + case 'quotes': + // escape unescaped single quotes + return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[ 0 ] . ')'; + case 'javascript': + // escape quotes and backslashes, newlines, etc. + return 'strtr(' . + $params[ 0 ] . + ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/" ))'; + } + } catch (SmartyException $e) { + // pass through to regular plugin fallback + } + // could not optimize |escape call, so fallback to regular plugin + if ($compiler->template->caching && ($compiler->tag_nocache | $compiler->nocache)) { + $compiler->required_plugins[ 'nocache' ][ 'escape' ][ 'modifier' ][ 'file' ] = + SMARTY_PLUGINS_DIR . 'modifier.escape.php'; + $compiler->required_plugins[ 'nocache' ][ 'escape' ][ 'modifier' ][ 'function' ] = + 'smarty_modifier_escape'; + } else { + $compiler->required_plugins[ 'compiled' ][ 'escape' ][ 'modifier' ][ 'file' ] = + SMARTY_PLUGINS_DIR . 'modifier.escape.php'; + $compiler->required_plugins[ 'compiled' ][ 'escape' ][ 'modifier' ][ 'function' ] = + 'smarty_modifier_escape'; + } + return 'smarty_modifier_escape(' . join(', ', $params) . ')'; +} |
