smarty/plugins/modifier.escape.php
author Dan
Mon, 30 Jun 2008 12:36:13 -0400
changeset 21 74edc873234f
parent 0 c63de9eb7045
permissions -rw-r--r--
Made the webserver a bit smarter. It handles running as root properly (only allows it if user/group specified and port < 1024) and directory listing is massively smarter.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     1
<?php
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     2
/**
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     3
 * Smarty plugin
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     4
 * @package Smarty
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     5
 * @subpackage plugins
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     6
 */
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     7
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     8
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
     9
/**
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    10
 * Smarty escape modifier plugin
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    11
 *
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    12
 * Type:     modifier<br>
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    13
 * Name:     escape<br>
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    14
 * Purpose:  Escape the string according to escapement type
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    15
 * @link http://smarty.php.net/manual/en/language.modifier.escape.php
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    16
 *          escape (Smarty online manual)
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    17
 * @author   Monte Ohrt <monte at ohrt dot com>
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    18
 * @param string
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    19
 * @param html|htmlall|url|quotes|hex|hexentity|javascript
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    20
 * @return string
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    21
 */
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    22
function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    23
{
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    24
    switch ($esc_type) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    25
        case 'html':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    26
            return htmlspecialchars($string, ENT_QUOTES, $char_set);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    27
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    28
        case 'htmlall':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    29
            return htmlentities($string, ENT_QUOTES, $char_set);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    30
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    31
        case 'url':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    32
            return rawurlencode($string);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    33
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    34
        case 'urlpathinfo':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    35
            return str_replace('%2F','/',rawurlencode($string));
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    36
            
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    37
        case 'quotes':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    38
            // escape unescaped single quotes
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    39
            return preg_replace("%(?<!\\\\)'%", "\\'", $string);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    40
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    41
        case 'hex':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    42
            // escape every character into hex
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    43
            $return = '';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    44
            for ($x=0; $x < strlen($string); $x++) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    45
                $return .= '%' . bin2hex($string[$x]);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    46
            }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    47
            return $return;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    48
            
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    49
        case 'hexentity':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    50
            $return = '';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    51
            for ($x=0; $x < strlen($string); $x++) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    52
                $return .= '&#x' . bin2hex($string[$x]) . ';';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    53
            }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    54
            return $return;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    55
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    56
        case 'decentity':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    57
            $return = '';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    58
            for ($x=0; $x < strlen($string); $x++) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    59
                $return .= '&#' . ord($string[$x]) . ';';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    60
            }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    61
            return $return;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    62
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    63
        case 'javascript':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    64
            // escape quotes and backslashes, newlines, etc.
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    65
            return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    66
            
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    67
        case 'mail':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    68
            // safe way to display e-mail address on a web page
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    69
            return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    70
            
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    71
        case 'nonstd':
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    72
           // escape non-standard chars, such as ms document quotes
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    73
           $_res = '';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    74
           for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    75
               $_ord = ord(substr($string, $_i, 1));
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    76
               // non-standard char, escape it
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    77
               if($_ord >= 126){
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    78
                   $_res .= '&#' . $_ord . ';';
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    79
               }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    80
               else {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    81
                   $_res .= substr($string, $_i, 1);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    82
               }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    83
           }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    84
           return $_res;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    85
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    86
        default:
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    87
            return $string;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    88
    }
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    89
}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    90
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    91
/* vim: set expandtab: */
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    92
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface)
Dan
parents:
diff changeset
    93
?>