Administrator / extrem

Blame view

libs/SMARTY/plugins/modifier.escape.php 2.69 KB
Edit Raw Normal View History
42868d70   andryeyev   Создал GIT 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
 
  <?php
  /**
   * Smarty plugin
   * @package Smarty
   * @subpackage plugins
   */
  
  
  /**
   * Smarty escape modifier plugin
   *
   * Type:     modifier<br>
   * Name:     escape<br>
   * Purpose:  Escape the string according to escapement type
   * @link http://smarty.php.net/manual/en/language.modifier.escape.php
   *          escape (Smarty online manual)
   * @author   Monte Ohrt <monte at ohrt dot com>
   * @param string
   * @param html|htmlall|url|quotes|hex|hexentity|javascript
   * @return string
   */
  function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
  {
      switch ($esc_type) {
          case 'html':
              return htmlspecialchars($string, ENT_QUOTES, $char_set);
  
          case 'htmlall':
              return htmlentities($string, ENT_QUOTES, $char_set);
  
          case 'url':
              return rawurlencode($string);
  
          case 'urlpathinfo':
              return str_replace('%2F','/',rawurlencode($string));
              
          case 'quotes':
              // escape unescaped single quotes
              return preg_replace("%(?<!\\\\)'%", "\\'", $string);
  
          case 'hex':
              // escape every character into hex
              $return = '';
              for ($x=0; $x < strlen($string); $x++) {
                  $return .= '%' . bin2hex($string[$x]);
              }
              return $return;
              
          case 'hexentity':
              $return = '';
              for ($x=0; $x < strlen($string); $x++) {
                  $return .= '&#x' . bin2hex($string[$x]) . ';';
              }
              return $return;
  
          case 'decentity':
              $return = '';
              for ($x=0; $x < strlen($string); $x++) {
                  $return .= '&#' . ord($string[$x]) . ';';
              }
              return $return;
  
          case 'javascript':
              // escape quotes and backslashes, newlines, etc.
              return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
              
          case 'mail':
              // safe way to display e-mail address on a web page
              return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string);
              
          case 'nonstd':
             // escape non-standard chars, such as ms document quotes
             $_res = '';
             for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
                 $_ord = ord(substr($string, $_i, 1));
                 // non-standard char, escape it
                 if($_ord >= 126){
                     $_res .= '&#' . $_ord . ';';
                 }
                 else {
                     $_res .= substr($string, $_i, 1);
                 }
             }
             return $_res;
  
          default:
              return $string;
      }
  }
  
  /* vim: set expandtab: */
  
  ?>