includes/clientside/static/json.js
author Dan
Wed, 12 Dec 2007 21:04:20 -0500
changeset 316 c74736571f43
parent 40 723bb7acf914
child 582 a38876c0793c
permissions -rw-r--r--
SECURITY: CRITICAL: Fix SQL injection in admin CP page editor

/*
    json.js
    2007-03-20

    All of the code contained within this file is released into
    the public domain. Optionally, you may distribute this code
    under the terms of the GNU General Public License as well
    (public domain licensing allows this).
    
*/

function toJSONString(input)
{
  var m = {
          '\b': '\\b',
          '\t': '\\t',
          '\n': '\\n',
          '\f': '\\f',
          '\r': '\\r',
          '"' : '\\"',
          '\\': '\\\\'
          };
  var t = typeof(input);
  switch(t)
  {
    case 'string':
      if (/["\\\x00-\x1f]/.test(input))
      {
          return '"' + input.replace(/([\x00-\x1f\\"])/g, function(a, b)
            {
              var c = m[b];
              if (c) {
                  return c;
              }
              c = b.charCodeAt();
              return '\\u00' +
                  Math.floor(c / 16).toString(16) +
                  (c % 16).toString(16);
          }) + '"';
      }
      return '"' + input + '"';
      break;
    case 'array':
      var a = ['['],  
            b,          
            i,          
            l = input.length,
            v;          

        var p = function (s) {

            if (b) {
                a.push(',');
            }
            a.push(s);
            b = true;
        }

        for (i = 0; i < l; i += 1) {
            v = input[i];
            switch (typeof v) {
            case 'object':
              if (v) {
                p(toJSONString(v));
              } else {
                p("null");
              }
              break;
            case 'array':
            case 'string':
            case 'number':
            case 'boolean':
                p(toJSONString(v));
            }
        }

        a.push(']');
        return a.join('');
      break;
    case 'date':
      var f = function (n)
      {
        return n < 10 ? '0' + n : n;
      }
      return '"' + input.getFullYear() + '-' +
                 f(input.getMonth() + 1) + '-' +
                 f(input.getDate()) + 'T' +
                 f(input.getHours()) + ':' +
                 f(input.getMinutes()) + ':' +
                 f(input.getSeconds()) + '"';
                 
    case 'boolean':
      return String(input);
      break;
    case 'number':
      return isFinite(input) ? String(input) : "null";
      break;
    case 'object':
      var a = ['{'],  
          b,          
          k,          
          v;          

      var p = function (s)
      {
        if (b)
        {
          a.push(',');
        }
        a.push(toJSONString(k), ':', s);
        b = true;
      }

      for (k in input) 
      {
        if (input.hasOwnProperty(k))
        {
          v = input[k];
          switch (typeof v) {

            case 'object':
              if (v) {
                p(toJSONString(v));
              } else {
                p("null");
              }
              break;
            case 'string':
            case 'number':
            case 'boolean':
              p(toJSONString(v));
              break;
          }
        }
      }

      a.push('}');
      return a.join('');
      break;
  }
}

function parseJSON(string, filter)
{
  try {
    if (/^("(\\.|[^"\\\n\r])*?"|[,:{}\[\]0-9.\-+Eaeflnr-u \n\r\t])+?$/.
            test(string))
    {
  
        var j = eval('(' + string + ')');
        if (typeof filter === 'function') {
  
            function walk(k, v) {
                if (v && typeof v === 'object') {
                    for (var i in v) {
                        if (v.hasOwnProperty(i)) {
                            v[i] = walk(i, v[i]);
                        }
                    }
                }
                return filter(k, v);
            }
  
            j = walk('', j);
        }
        return j;
    }
  } catch (e) {
  
  }
  throw new SyntaxError("parseJSON");
}