Редакция 2 | Содержимое файла | Сравнить с предыдущей | Последнее изменение | Открыть журнал | RSS
Редакция | Автор | № строки | Строка |
---|---|---|---|
2 | alex-w | 1 | <?php |
2 | /** |
||
3 | * Smarty plugin |
||
4 | * @package Smarty |
||
5 | * @subpackage plugins |
||
6 | */ |
||
7 | |||
8 | |||
9 | /** |
||
10 | * Smarty escape modifier plugin |
||
11 | * |
||
12 | * Type: modifier<br> |
||
13 | * Name: escape<br> |
||
14 | * Purpose: Escape the string according to escapement type |
||
15 | * @link http://smarty.php.net/manual/en/language.modifier.escape.php |
||
16 | * escape (Smarty online manual) |
||
17 | * @author Monte Ohrt <monte at ohrt dot com> |
||
18 | * @param string |
||
19 | * @param html|htmlall|url|quotes|hex|hexentity|javascript |
||
20 | * @return string |
||
21 | */ |
||
22 | function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1') |
||
23 | { |
||
24 | switch ($esc_type) { |
||
25 | case 'html': |
||
26 | return htmlspecialchars($string, ENT_QUOTES, $char_set); |
||
27 | |||
28 | case 'htmlall': |
||
29 | return htmlentities($string, ENT_QUOTES, $char_set); |
||
30 | |||
31 | case 'url': |
||
32 | return rawurlencode($string); |
||
33 | |||
34 | case 'urlpathinfo': |
||
35 | return str_replace('%2F','/',rawurlencode($string)); |
||
36 | |||
37 | case 'quotes': |
||
38 | // escape unescaped single quotes |
||
39 | return preg_replace("%(?<!\\\\)'%", "\\'", $string); |
||
40 | |||
41 | case 'hex': |
||
42 | // escape every character into hex |
||
43 | $return = ''; |
||
44 | for ($x=0; $x < strlen($string); $x++) { |
||
45 | $return .= '%' . bin2hex($string[$x]); |
||
46 | } |
||
47 | return $return; |
||
48 | |||
49 | case 'hexentity': |
||
50 | $return = ''; |
||
51 | for ($x=0; $x < strlen($string); $x++) { |
||
52 | $return .= '&#x' . bin2hex($string[$x]) . ';'; |
||
53 | } |
||
54 | return $return; |
||
55 | |||
56 | case 'decentity': |
||
57 | $return = ''; |
||
58 | for ($x=0; $x < strlen($string); $x++) { |
||
59 | $return .= '&#' . ord($string[$x]) . ';'; |
||
60 | } |
||
61 | return $return; |
||
62 | |||
63 | case 'javascript': |
||
64 | // escape quotes and backslashes, newlines, etc. |
||
65 | return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/')); |
||
66 | |||
67 | case 'mail': |
||
68 | // safe way to display e-mail address on a web page |
||
69 | return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string); |
||
70 | |||
71 | case 'nonstd': |
||
72 | // escape non-standard chars, such as ms document quotes |
||
73 | $_res = ''; |
||
74 | for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) { |
||
75 | $_ord = ord(substr($string, $_i, 1)); |
||
76 | // non-standard char, escape it |
||
77 | if($_ord >= 126){ |
||
78 | $_res .= '&#' . $_ord . ';'; |
||
79 | } |
||
80 | else { |
||
81 | $_res .= substr($string, $_i, 1); |
||
82 | } |
||
83 | } |
||
84 | return $_res; |
||
85 | |||
86 | default: |
||
87 | return $string; |
||
88 | } |
||
89 | } |
||
90 | |||
91 | /* vim: set expandtab: */ |
||
92 | |||
93 | ?> |