smarty/plugins/modifier.escape.php
changeset 0 c63de9eb7045
equal deleted inserted replaced
-1:000000000000 0:c63de9eb7045
       
     1 <?php
       
     2 /**
       
     3  * Smarty plugin
       
     4  * @package Smarty
       
     5  * @subpackage plugins
       
     6  */
       
     7 
       
     8 
       
     9 /**
       
    10  * Smarty escape modifier plugin
       
    11  *
       
    12  * Type:     modifier<br>
       
    13  * Name:     escape<br>
       
    14  * Purpose:  Escape the string according to escapement type
       
    15  * @link http://smarty.php.net/manual/en/language.modifier.escape.php
       
    16  *          escape (Smarty online manual)
       
    17  * @author   Monte Ohrt <monte at ohrt dot com>
       
    18  * @param string
       
    19  * @param html|htmlall|url|quotes|hex|hexentity|javascript
       
    20  * @return string
       
    21  */
       
    22 function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
       
    23 {
       
    24     switch ($esc_type) {
       
    25         case 'html':
       
    26             return htmlspecialchars($string, ENT_QUOTES, $char_set);
       
    27 
       
    28         case 'htmlall':
       
    29             return htmlentities($string, ENT_QUOTES, $char_set);
       
    30 
       
    31         case 'url':
       
    32             return rawurlencode($string);
       
    33 
       
    34         case 'urlpathinfo':
       
    35             return str_replace('%2F','/',rawurlencode($string));
       
    36             
       
    37         case 'quotes':
       
    38             // escape unescaped single quotes
       
    39             return preg_replace("%(?<!\\\\)'%", "\\'", $string);
       
    40 
       
    41         case 'hex':
       
    42             // escape every character into hex
       
    43             $return = '';
       
    44             for ($x=0; $x < strlen($string); $x++) {
       
    45                 $return .= '%' . bin2hex($string[$x]);
       
    46             }
       
    47             return $return;
       
    48             
       
    49         case 'hexentity':
       
    50             $return = '';
       
    51             for ($x=0; $x < strlen($string); $x++) {
       
    52                 $return .= '&#x' . bin2hex($string[$x]) . ';';
       
    53             }
       
    54             return $return;
       
    55 
       
    56         case 'decentity':
       
    57             $return = '';
       
    58             for ($x=0; $x < strlen($string); $x++) {
       
    59                 $return .= '&#' . ord($string[$x]) . ';';
       
    60             }
       
    61             return $return;
       
    62 
       
    63         case 'javascript':
       
    64             // escape quotes and backslashes, newlines, etc.
       
    65             return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
       
    66             
       
    67         case 'mail':
       
    68             // safe way to display e-mail address on a web page
       
    69             return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string);
       
    70             
       
    71         case 'nonstd':
       
    72            // escape non-standard chars, such as ms document quotes
       
    73            $_res = '';
       
    74            for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
       
    75                $_ord = ord(substr($string, $_i, 1));
       
    76                // non-standard char, escape it
       
    77                if($_ord >= 126){
       
    78                    $_res .= '&#' . $_ord . ';';
       
    79                }
       
    80                else {
       
    81                    $_res .= substr($string, $_i, 1);
       
    82                }
       
    83            }
       
    84            return $_res;
       
    85 
       
    86         default:
       
    87             return $string;
       
    88     }
       
    89 }
       
    90 
       
    91 /* vim: set expandtab: */
       
    92 
       
    93 ?>