51ff3226 |
1 | <?php |
2 | /** |
3 | * Smarty plugin |
4 | * @package Smarty |
5 | * @subpackage plugins |
6 | */ |
7 | |
8 | |
9 | /** |
10 | * Smarty escape modifier plugin |
11 | * |
12 | * Type: modifier<br> |
13 | * Name: escape<br> |
14 | * Purpose: Escape the string according to escapement type |
15 | * @link http://smarty.php.net/manual/en/language.modifier.escape.php |
16 | * escape (Smarty online manual) |
17 | * @param string |
18 | * @param html|htmlall|url|quotes|hex|hexentity|javascript |
19 | * @return string |
20 | */ |
21 | function smarty_modifier_escape($string, $esc_type = 'html') |
22 | { |
23 | switch ($esc_type) { |
24 | case 'html': |
25 | return htmlspecialchars($string, ENT_QUOTES); |
26 | |
27 | case 'htmlall': |
28 | return htmlentities($string, ENT_QUOTES); |
29 | |
30 | case 'url': |
31 | return rawurlencode($string); |
32 | |
33 | case 'quotes': |
34 | // escape unescaped single quotes |
35 | return preg_replace("%(?<!\\\\)'%", "\\'", $string); |
36 | |
37 | case 'hex': |
38 | // escape every character into hex |
39 | $return = ''; |
40 | for ($x=0; $x < strlen($string); $x++) { |
41 | $return .= '%' . bin2hex($string[$x]); |
42 | } |
43 | return $return; |
44 | |
45 | case 'hexentity': |
46 | $return = ''; |
47 | for ($x=0; $x < strlen($string); $x++) { |
48 | $return .= '&#x' . bin2hex($string[$x]) . ';'; |
49 | } |
50 | return $return; |
51 | |
52 | case 'decentity': |
53 | $return = ''; |
54 | for ($x=0; $x < strlen($string); $x++) { |
55 | $return .= '&#' . ord($string[$x]) . ';'; |
56 | } |
57 | return $return; |
58 | |
59 | case 'javascript': |
60 | // escape quotes and backslashes, newlines, etc. |
61 | return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/')); |
62 | |
63 | case 'mail': |
64 | // safe way to display e-mail address on a web page |
65 | return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string); |
66 | |
67 | case 'nonstd': |
68 | // escape non-standard chars, such as ms document quotes |
69 | $_res = ''; |
70 | for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) { |
71 | $_ord = ord($string{$_i}); |
72 | // non-standard char, escape it |
73 | if($_ord >= 126){ |
74 | $_res .= '&#' . $_ord . ';'; |
75 | } |
76 | else { |
77 | $_res .= $string{$_i}; |
78 | } |
79 | } |
80 | return $_res; |
81 | |
82 | default: |
83 | return $string; |
84 | } |
85 | } |
86 | |
87 | /* vim: set expandtab: */ |
88 | |
89 | ?> |