/include/Smarty/plugins/modifier.escape.php
PHP | 125 lines | 63 code | 15 blank | 47 comment | 3 complexity | aae08c2908d653176d5cdcdae0a8cd97 MD5 | raw file
- <?php
- /*
- Modification information for LGPL compliance
- r56990 - 2010-06-16 13:05:36 -0700 (Wed, 16 Jun 2010) - kjing - snapshot "Mango" svn branch to a new one for GitHub sync
- r56989 - 2010-06-16 13:01:33 -0700 (Wed, 16 Jun 2010) - kjing - defunt "Mango" svn dev branch before github cutover
- r55980 - 2010-04-19 13:31:28 -0700 (Mon, 19 Apr 2010) - kjing - create Mango (6.1) based on windex
- r52439 - 2009-11-12 17:05:52 -0800 (Thu, 12 Nov 2009) - clee - Updated to allow Rich Text Editor to resize and render HTML content on detailview.
- r51719 - 2009-10-22 10:18:00 -0700 (Thu, 22 Oct 2009) - mitani - Converted to Build 3 tags and updated the build system
- r51634 - 2009-10-19 13:32:22 -0700 (Mon, 19 Oct 2009) - mitani - Windex is the branch for Sugar Sales 1.0 development
- r50375 - 2009-08-24 18:07:43 -0700 (Mon, 24 Aug 2009) - dwong - branch kobe2 from tokyo r50372
- r42807 - 2008-12-29 11:16:59 -0800 (Mon, 29 Dec 2008) - dwong - Branch from trunk/sugarcrm r42806 to branches/tokyo/sugarcrm
- r10971 - 2006-01-12 14:58:30 -0800 (Thu, 12 Jan 2006) - chris - Bug 4128: updating Smarty templates to 2.6.11, a version supposedly that plays better with PHP 5.1
- r8230 - 2005-10-03 17:47:19 -0700 (Mon, 03 Oct 2005) - majed - Added Sugar_Smarty to the code tree.
- */
- /**
- * Smarty plugin
- * @package Smarty
- * @subpackage plugins
- */
- /**
- * Smarty escape modifier plugin
- *
- * Type: modifier<br>
- * Name: escape<br>
- * Purpose: Escape the string according to escapement type
- * @link http://smarty.php.net/manual/en/language.modifier.escape.php
- * escape (Smarty online manual)
- * @author Monte Ohrt <monte at ohrt dot com>
- * @param string
- * @param html|htmlall|url|quotes|hex|hexentity|javascript
- * @return string
- */
- function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
- {
- switch ($esc_type) {
- case 'html':
- return htmlspecialchars($string, ENT_QUOTES, $char_set);
- case 'htmlall':
- return htmlentities($string, ENT_QUOTES, $char_set);
- case 'htmlentitydecode':
- return html_entity_decode($string, ENT_QUOTES, $char_set);
-
- case 'url':
- return rawurlencode($string);
- case 'urlpathinfo':
- return str_replace('%2F','/',rawurlencode($string));
-
- case 'quotes':
- // escape unescaped single quotes
- return preg_replace("%(?<!\\\\)'%", "\\'", $string);
- case 'hex':
- // escape every character into hex
- $return = '';
- for ($x=0; $x < strlen($string); $x++) {
- $return .= '%' . bin2hex($string[$x]);
- }
- return $return;
-
- case 'hexentity':
- $return = '';
- for ($x=0; $x < strlen($string); $x++) {
- $return .= '&#x' . bin2hex($string[$x]) . ';';
- }
- return $return;
- case 'decentity':
- $return = '';
- for ($x=0; $x < strlen($string); $x++) {
- $return .= '&#' . ord($string[$x]) . ';';
- }
- return $return;
- case 'javascript':
- // escape quotes and backslashes, newlines, etc.
- return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
-
- case 'mail':
- // safe way to display e-mail address on a web page
- return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string);
-
- case 'nonstd':
- // escape non-standard chars, such as ms document quotes
- $_res = '';
- for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
- $_ord = ord(substr($string, $_i, 1));
- // non-standard char, escape it
- if($_ord >= 126){
- $_res .= '&#' . $_ord . ';';
- }
- else {
- $_res .= substr($string, $_i, 1);
- }
- }
- return $_res;
- default:
- return $string;
- }
- }
- /* vim: set expandtab: */
- ?>