From fa10e0945ecd45bfe78a2c8fb015a43092b4944b Mon Sep 17 00:00:00 2001 From: plegall Date: Thu, 10 Dec 2015 14:02:22 +0100 Subject: bug #385 update to smarty-3.1.28-dev (from Github) --- include/smarty/libs/plugins/modifier.escape.php | 32 ++++++++++++++++--------- 1 file changed, 21 insertions(+), 11 deletions(-) (limited to 'include/smarty/libs/plugins/modifier.escape.php') diff --git a/include/smarty/libs/plugins/modifier.escape.php b/include/smarty/libs/plugins/modifier.escape.php index 5ca8e7796..9fdb0702f 100644 --- a/include/smarty/libs/plugins/modifier.escape.php +++ b/include/smarty/libs/plugins/modifier.escape.php @@ -2,23 +2,24 @@ /** * Smarty plugin * - * @package Smarty + * @package Smarty * @subpackage PluginsModifier */ /** * Smarty escape modifier plugin - * * Type: modifier
* Name: escape
* Purpose: escape string for output * - * @link http://www.smarty.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online manual) + * @link http://www.smarty.net/docs/en/language.modifier.escape * @author Monte Ohrt + * * @param string $string input string * @param string $esc_type escape type * @param string $char_set character set, used for htmlspecialchars() or htmlentities() * @param boolean $double_encode encode already encoded entitites again, used for htmlspecialchars() or htmlentities() + * * @return string escaped input string */ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true) @@ -27,7 +28,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ if ($_double_encode === null) { $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>='); } - + if (!$char_set) { $char_set = Smarty::$_CHARSET; } @@ -46,6 +47,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlspecialchars($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } @@ -65,10 +67,11 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlspecialchars($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } - + // htmlentities() won't convert everything, so use mb_convert_encoding return mb_convert_encoding($string, 'HTML-ENTITIES', $char_set); } @@ -83,6 +86,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); $string = htmlentities($string, ENT_QUOTES, $char_set); $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); + return $string; } } @@ -102,9 +106,10 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ // Note that the UTF-8 encoded character รค will be represented as %c3%a4 $return = ''; $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '%' . bin2hex($string[$x]); } + return $return; case 'hexentity': @@ -115,13 +120,15 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { $return .= '&#x' . strtoupper(dechex($unicode)) . ';'; } + return $return; } // no MBString fallback $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '&#x' . bin2hex($string[$x]) . ';'; } + return $return; case 'decentity': @@ -132,13 +139,15 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ foreach (smarty_mb_to_unicode($string, Smarty::$_CHARSET) as $unicode) { $return .= '&#' . $unicode . ';'; } + return $return; } // no MBString fallback $_length = strlen($string); - for ($x = 0; $x < $_length; $x++) { + for ($x = 0; $x < $_length; $x ++) { $return .= '&#' . ord($string[$x]) . ';'; } + return $return; case 'javascript': @@ -148,6 +157,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ case 'mail': if (Smarty::$_MBSTRING) { require_once(SMARTY_PLUGINS_DIR . 'shared.mb_str_replace.php'); + return smarty_mb_str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); } // no MBString fallback @@ -165,11 +175,12 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $return .= chr($unicode); } } + return $return; } $_length = strlen($string); - for ($_i = 0; $_i < $_length; $_i++) { + for ($_i = 0; $_i < $_length; $_i ++) { $_ord = ord(substr($string, $_i, 1)); // non-standard char, escape it if ($_ord >= 126) { @@ -178,11 +189,10 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $ $return .= substr($string, $_i, 1); } } + return $return; default: return $string; } } - -?> \ No newline at end of file -- cgit v1.2.3