/BlogEngine/BlogEngine.NET/editors/tiny_mce_3_4_3_1/plugins/insertcode/js/encoder.js

/*

   From http://www.strictly-software.com/htmlencode

*/



Encoder = {



	// When encoding do we convert characters into html or numerical entities

	EncodeType : "entity",  // entity OR numerical



	isEmpty : function(val){

		if(val){

			return ((val===null) || val.length==0 || /^\s+$/.test(val));

		}else{

			return true;

		}

	},

	// Convert HTML entities into numerical entities

	HTML2Numerical : function(s){

		var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');

		var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');

		return this.swapArrayVals(s,arr1,arr2);

	},	



	// Convert Numerical entities into HTML entities

	NumericalToHTML : function(s){

		var arr1 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','Œ','œ','Š','š','Ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','‡','‰','‹','›','€','ƒ','Α','Β','Γ','Δ','Ε','Ζ','Η','Θ','Ι','Κ','Λ','Μ','Ν','Ξ','Ο','Π','Ρ','Σ','Τ','Υ','Φ','Χ','Ψ','Ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','″','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','⇐','⇑','⇒','⇓','⇔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','〈','〉','◊','♠','♣','♥','♦');

		var arr2 = new Array(' ','¡','¢','£','¤','¥','¦','§','¨','©','ª','«','¬','­','®','¯','°','±','²','³','´','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','à','á','â','ã','Ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','Ö','×','ø','ù','ú','û','Ü','ý','þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ò','ó','ô','õ','ö','÷','Ø','ù','ú','û','ü','ý','þ','ÿ','"','&','<','>','œ','œ','š','š','ÿ','ˆ','˜',' ',' ',' ','‌','‍','‎','‏','–','—','‘','’','‚','“','”','„','†','†','‰','‹','›','€','ƒ','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','σ','τ','υ','φ','χ','ψ','ω','α','β','γ','δ','ε','ζ','η','θ','ι','κ','λ','μ','ν','ξ','ο','π','ρ','ς','σ','τ','υ','φ','χ','ψ','ω','ϑ','ϒ','ϖ','•','…','′','′','‾','⁄','℘','ℑ','ℜ','™','ℵ','←','↑','→','↓','↔','↵','←','↑','→','↓','↔','∀','∂','∃','∅','∇','∈','∉','∋','∏','∑','−','∗','√','∝','∞','∠','∧','∨','∩','∪','∫','∴','∼','≅','≈','≠','≡','≤','≥','⊂','⊃','⊄','⊆','⊇','⊕','⊗','⊥','⋅','⌈','⌉','⌊','⌋','⟨','⟩','◊','♠','♣','♥','♦');

		return this.swapArrayVals(s,arr1,arr2);

	},





	// Numerically encodes all unicode characters

	numEncode : function(s){

		

		if(this.isEmpty(s)) return "";



		var e = "";

		for (var i = 0; i < s.length; i++)

		{

			var c = s.charAt(i);

			if (c < " " || c > "~")

			{

				c = "&#" + c.charCodeAt() + ";";

			}

			e += c;

		}

		return e;

	},

	

	// HTML Decode numerical and HTML entities back to original values

	htmlDecode : function(s){



		var c,m,d = s;

		

		if(this.isEmpty(d)) return "";



		// convert HTML entites back to numerical entites first

		d = this.HTML2Numerical(d);

		

		// look for numerical entities &#34;

		arr=d.match(/&#[0-9]{1,5};/g);

		

		// if no matches found in string then skip

		if(arr!=null){

			for(var x=0;x<arr.length;x++){

				m = arr[x];

				c = m.substring(2,m.length-1); //get numeric part which is refernce to unicode character

				// if its a valid number we can decode

				if(c >= -32768 && c <= 65535){

					// decode every single match within string

					d = d.replace(m, String.fromCharCode(c));

				}else{

					d = d.replace(m, ""); //invalid so replace with nada

				}

			}			

		}



		return d;

	},		



	// encode an input string into either numerical or HTML entities

	htmlEncode : function(s,dbl){

			

		if(this.isEmpty(s)) return "";



		// do we allow double encoding? E.g will &amp; be turned into &amp;amp;

		dbl = dbl | false; //default to prevent double encoding

		

		// if allowing double encoding we do ampersands first

		if(dbl){

			if(this.EncodeType=="numerical"){

				s = s.replace(/&/g, "&#38;");

			}else{

				s = s.replace(/&/g, "&amp;");

			}

		}



		// convert the xss chars to numerical entities ' " < >

		s = this.XSSEncode(s,false);

		

		if(this.EncodeType=="numerical" || !dbl){

			// Now call function that will convert any HTML entities to numerical codes

			s = this.HTML2Numerical(s);

		}



		// Now encode all chars above 127 e.g unicode

		s = this.numEncode(s);



		// now we know anything that needs to be encoded has been converted to numerical entities we

		// can encode any ampersands & that are not part of encoded entities

		// to handle the fact that I need to do a negative check and handle multiple ampersands &&&

		// I am going to use a placeholder



		// if we don't want double encoded entities we ignore the & in existing entities

		if(!dbl){

			s = s.replace(/&#/g,"##AMPHASH##");

		

			if(this.EncodeType=="numerical"){

				s = s.replace(/&/g, "&#38;");

			}else{

				s = s.replace(/&/g, "&amp;");

			}



			s = s.replace(/##AMPHASH##/g,"&#");

		}

		

		// replace any malformed entities

		s = s.replace(/&#\d*([^\d;]|$)/g, "$1");



		if(!dbl){

			// safety check to correct any double encoded &amp;

			s = this.correctEncoding(s);

		}



		// now do we need to convert our numerical encoded string into entities

		if(this.EncodeType=="entity"){

			s = this.NumericalToHTML(s);

		}



		return s;					

	},



	// Encodes the basic 4 characters used to malform HTML in XSS hacks

	XSSEncode : function(s,en){

		if(!this.isEmpty(s)){

			en = en || true;

			// do we convert to numerical or html entity?

			if(en){

				s = s.replace(/\'/g,"&#39;"); //no HTML equivalent as &apos is not cross browser supported

				s = s.replace(/\"/g,"&quot;");

				s = s.replace(/</g,"&lt;");

				s = s.replace(/>/g,"&gt;");

			}else{

				s = s.replace(/\'/g,"&#39;"); //no HTML equivalent as &apos is not cross browser supported

				s = s.replace(/\"/g,"&#34;");

				s = s.replace(/</g,"&#60;");

				s = s.replace(/>/g,"&#62;");

			}

			return s;

		}else{

			return "";

		}

	},



	// returns true if a string contains html or numerical encoded entities

	hasEncoded : function(s){

		if(/&#[0-9]{1,5};/g.test(s)){

			return true;

		}else if(/&[A-Z]{2,6};/gi.test(s)){

			return true;

		}else{

			return false;

		}

	},



	// will remove any unicode characters

	stripUnicode : function(s){

		return s.replace(/[^\x20-\x7E]/g,"");

		

	},



	// corrects any double encoded &amp; entities e.g &amp;amp;

	correctEncoding : function(s){

		return s.replace(/(&amp;)(amp;)+/,"$1");

	},





	// Function to loop through an array swaping each item with the value from another array e.g swap HTML entities with Numericals

	swapArrayVals : function(s,arr1,arr2){

		if(this.isEmpty(s)) return "";

		var re;

		if(arr1 && arr2){

			//ShowDebug("in swapArrayVals arr1.length = " + arr1.length + " arr2.length = " + arr2.length)

			// array lengths must match

			if(arr1.length == arr2.length){

				for(var x=0,i=arr1.length;x<i;x++){

					re = new RegExp(arr1[x], 'g');

					s = s.replace(re,arr2[x]); //swap arr1 item with matching item from arr2	

				}

			}

		}

		return s;

	},



	inArray : function( item, arr ) {

		for ( var i = 0, x = arr.length; i < x; i++ ){

			if ( arr[i] === item ){

				return i;

			}

		}

		return -1;

	}



}