@@ -48,56 +48,56 @@ |
||
48 | 48 | } |
49 | 49 | |
50 | 50 | switch ($format) { |
51 | - case 'html': |
|
52 | - return htmlspecialchars((string)$value, ENT_QUOTES, $charset); |
|
53 | - case 'htmlall': |
|
54 | - return htmlentities((string)$value, ENT_QUOTES, $charset); |
|
55 | - case 'url': |
|
56 | - return rawurlencode((string)$value); |
|
57 | - case 'urlpathinfo': |
|
58 | - return str_replace('%2F', '/', rawurlencode((string)$value)); |
|
59 | - case 'quotes': |
|
60 | - return preg_replace("#(?<!\\\\)'#", "\\'", (string)$value); |
|
61 | - case 'hex': |
|
62 | - $out = ''; |
|
63 | - $cnt = strlen((string)$value); |
|
64 | - for ($i = 0; $i < $cnt; ++ $i) { |
|
65 | - $out .= '%' . bin2hex((string)$value[$i]); |
|
66 | - } |
|
51 | + case 'html': |
|
52 | + return htmlspecialchars((string)$value, ENT_QUOTES, $charset); |
|
53 | + case 'htmlall': |
|
54 | + return htmlentities((string)$value, ENT_QUOTES, $charset); |
|
55 | + case 'url': |
|
56 | + return rawurlencode((string)$value); |
|
57 | + case 'urlpathinfo': |
|
58 | + return str_replace('%2F', '/', rawurlencode((string)$value)); |
|
59 | + case 'quotes': |
|
60 | + return preg_replace("#(?<!\\\\)'#", "\\'", (string)$value); |
|
61 | + case 'hex': |
|
62 | + $out = ''; |
|
63 | + $cnt = strlen((string)$value); |
|
64 | + for ($i = 0; $i < $cnt; ++ $i) { |
|
65 | + $out .= '%' . bin2hex((string)$value[$i]); |
|
66 | + } |
|
67 | 67 | |
68 | - return $out; |
|
69 | - case 'hexentity': |
|
70 | - $out = ''; |
|
71 | - $cnt = strlen((string)$value); |
|
72 | - for ($i = 0; $i < $cnt; ++ $i) { |
|
73 | - $out .= '&#x' . bin2hex((string)$value[$i]) . ';'; |
|
74 | - } |
|
68 | + return $out; |
|
69 | + case 'hexentity': |
|
70 | + $out = ''; |
|
71 | + $cnt = strlen((string)$value); |
|
72 | + for ($i = 0; $i < $cnt; ++ $i) { |
|
73 | + $out .= '&#x' . bin2hex((string)$value[$i]) . ';'; |
|
74 | + } |
|
75 | 75 | |
76 | - return $out; |
|
77 | - case 'javascript': |
|
78 | - case 'js': |
|
79 | - return strtr((string)$value, |
|
80 | - array( |
|
81 | - '\\' => '\\\\', |
|
82 | - "'" => "\\'", |
|
83 | - '"' => '\\"', |
|
84 | - "\r" => '\\r', |
|
85 | - "\n" => '\\n', |
|
86 | - '</' => '<\/' |
|
87 | - )); |
|
88 | - case 'mail': |
|
89 | - return str_replace(array( |
|
90 | - '@', |
|
91 | - '.' |
|
76 | + return $out; |
|
77 | + case 'javascript': |
|
78 | + case 'js': |
|
79 | + return strtr((string)$value, |
|
80 | + array( |
|
81 | + '\\' => '\\\\', |
|
82 | + "'" => "\\'", |
|
83 | + '"' => '\\"', |
|
84 | + "\r" => '\\r', |
|
85 | + "\n" => '\\n', |
|
86 | + '</' => '<\/' |
|
87 | + )); |
|
88 | + case 'mail': |
|
89 | + return str_replace(array( |
|
90 | + '@', |
|
91 | + '.' |
|
92 | + ), |
|
93 | + array( |
|
94 | + ' (AT) ', |
|
95 | + ' (DOT) ' |
|
92 | 96 | ), |
93 | - array( |
|
94 | - ' (AT) ', |
|
95 | - ' (DOT) ' |
|
96 | - ), |
|
97 | - (string)$value); |
|
98 | - default: |
|
99 | - $this->core->triggerError('Escape\'s format argument must be one of : html, htmlall, url, urlpathinfo, hex, hexentity, javascript, js or mail, "' . $format . '" given.', |
|
100 | - E_USER_WARNING); |
|
97 | + (string)$value); |
|
98 | + default: |
|
99 | + $this->core->triggerError('Escape\'s format argument must be one of : html, htmlall, url, urlpathinfo, hex, hexentity, javascript, js or mail, "' . $format . '" given.', |
|
100 | + E_USER_WARNING); |
|
101 | 101 | } |
102 | 102 | } |
103 | 103 | } |
104 | 104 | \ No newline at end of file |
@@ -82,63 +82,63 @@ |
||
82 | 82 | // output |
83 | 83 | switch ($encode) { |
84 | 84 | |
85 | - case 'none': |
|
86 | - case null: |
|
87 | - return '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>'; |
|
88 | - |
|
89 | - case 'js': |
|
90 | - case 'javascript': |
|
91 | - $str = 'document.write(\'<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>\');'; |
|
92 | - $len = strlen($str); |
|
93 | - |
|
94 | - $out = ''; |
|
95 | - for ($i = 0; $i < $len; ++ $i) { |
|
96 | - $out .= '%' . bin2hex($str[$i]); |
|
85 | + case 'none': |
|
86 | + case null: |
|
87 | + return '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>'; |
|
88 | + |
|
89 | + case 'js': |
|
90 | + case 'javascript': |
|
91 | + $str = 'document.write(\'<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>\');'; |
|
92 | + $len = strlen($str); |
|
93 | + |
|
94 | + $out = ''; |
|
95 | + for ($i = 0; $i < $len; ++ $i) { |
|
96 | + $out .= '%' . bin2hex($str[$i]); |
|
97 | + } |
|
98 | + |
|
99 | + return '<script type="text/javascript">eval(unescape(\'' . $out . '\'));</script>'; |
|
100 | + |
|
101 | + break; |
|
102 | + case 'javascript_charcode': |
|
103 | + case 'js_charcode': |
|
104 | + case 'jscharcode': |
|
105 | + case 'jschar': |
|
106 | + $str = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>'; |
|
107 | + $len = strlen($str); |
|
108 | + |
|
109 | + $out = '<script type="text/javascript">' . "\n<!--\ndocument.write(Str.fromCharCode("; |
|
110 | + for ($i = 0; $i < $len; ++ $i) { |
|
111 | + $out .= ord($str[$i]) . ','; |
|
112 | + } |
|
113 | + |
|
114 | + return rtrim($out, ',') . "));\n-->\n</script>\n"; |
|
115 | + |
|
116 | + break; |
|
117 | + |
|
118 | + case 'hex': |
|
119 | + if (strpos($address, '?') !== false) { |
|
120 | + $this->core->triggerError('Mailto: Hex encoding is not possible with extra attributes, use one of : <em>js, jscharcode or none</em>.', E_USER_WARNING); |
|
121 | + } |
|
122 | + |
|
123 | + $out = '<a href="mailto:'; |
|
124 | + $len = strlen($address); |
|
125 | + for ($i = 0; $i < $len; ++ $i) { |
|
126 | + if (preg_match('#\w#', $address[$i])) { |
|
127 | + $out .= '%' . bin2hex($address[$i]); |
|
128 | + } else { |
|
129 | + $out .= $address[$i]; |
|
97 | 130 | } |
131 | + } |
|
132 | + $out .= '" ' . $extra . '>'; |
|
133 | + $len = strlen($text); |
|
134 | + for ($i = 0; $i < $len; ++ $i) { |
|
135 | + $out .= '&#x' . bin2hex($text[$i]); |
|
136 | + } |
|
98 | 137 | |
99 | - return '<script type="text/javascript">eval(unescape(\'' . $out . '\'));</script>'; |
|
138 | + return $out . '</a>'; |
|
100 | 139 | |
101 | - break; |
|
102 | - case 'javascript_charcode': |
|
103 | - case 'js_charcode': |
|
104 | - case 'jscharcode': |
|
105 | - case 'jschar': |
|
106 | - $str = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>'; |
|
107 | - $len = strlen($str); |
|
108 | - |
|
109 | - $out = '<script type="text/javascript">' . "\n<!--\ndocument.write(Str.fromCharCode("; |
|
110 | - for ($i = 0; $i < $len; ++ $i) { |
|
111 | - $out .= ord($str[$i]) . ','; |
|
112 | - } |
|
113 | - |
|
114 | - return rtrim($out, ',') . "));\n-->\n</script>\n"; |
|
115 | - |
|
116 | - break; |
|
117 | - |
|
118 | - case 'hex': |
|
119 | - if (strpos($address, '?') !== false) { |
|
120 | - $this->core->triggerError('Mailto: Hex encoding is not possible with extra attributes, use one of : <em>js, jscharcode or none</em>.', E_USER_WARNING); |
|
121 | - } |
|
122 | - |
|
123 | - $out = '<a href="mailto:'; |
|
124 | - $len = strlen($address); |
|
125 | - for ($i = 0; $i < $len; ++ $i) { |
|
126 | - if (preg_match('#\w#', $address[$i])) { |
|
127 | - $out .= '%' . bin2hex($address[$i]); |
|
128 | - } else { |
|
129 | - $out .= $address[$i]; |
|
130 | - } |
|
131 | - } |
|
132 | - $out .= '" ' . $extra . '>'; |
|
133 | - $len = strlen($text); |
|
134 | - for ($i = 0; $i < $len; ++ $i) { |
|
135 | - $out .= '&#x' . bin2hex($text[$i]); |
|
136 | - } |
|
137 | - |
|
138 | - return $out . '</a>'; |
|
139 | - |
|
140 | - default: |
|
141 | - $this->core->triggerError('Mailto: <em>encode</em> argument is invalid, it must be one of : <em>none (= no value), js, js_charcode or hex</em>', E_USER_WARNING); |
|
140 | + default: |
|
141 | + $this->core->triggerError('Mailto: <em>encode</em> argument is invalid, it must be one of : <em>none (= no value), js, js_charcode or hex</em>', E_USER_WARNING); |
|
142 | 142 | } |
143 | 143 | } |
144 | 144 | } |
145 | 145 | \ No newline at end of file |
@@ -769,13 +769,13 @@ discard block |
||
769 | 769 | $search = array('{<\?.*?\?>}', '{<%.*?%>}'); |
770 | 770 | } |
771 | 771 | switch ($this->securityPolicy->getPhpHandling()) { |
772 | - case SecurityPolicy::PHP_ALLOW: |
|
773 | - break; |
|
774 | - case SecurityPolicy::PHP_ENCODE: |
|
775 | - $tpl = preg_replace_callback($search, array($this, 'phpTagEncodingHelper'), $tpl); |
|
776 | - break; |
|
777 | - case SecurityPolicy::PHP_REMOVE: |
|
778 | - $tpl = preg_replace($search, '', $tpl); |
|
772 | + case SecurityPolicy::PHP_ALLOW: |
|
773 | + break; |
|
774 | + case SecurityPolicy::PHP_ENCODE: |
|
775 | + $tpl = preg_replace_callback($search, array($this, 'phpTagEncodingHelper'), $tpl); |
|
776 | + break; |
|
777 | + case SecurityPolicy::PHP_REMOVE: |
|
778 | + $tpl = preg_replace($search, '', $tpl); |
|
779 | 779 | } |
780 | 780 | } |
781 | 781 | } |
@@ -875,51 +875,51 @@ discard block |
||
875 | 875 | } |
876 | 876 | |
877 | 877 | switch ($type) { |
878 | - case Core::CLASS_PLUGIN: |
|
879 | - case Core::CLASS_PLUGIN + Core::BLOCK_PLUGIN: |
|
880 | - if (class_exists('Plugin' . $plugin) !== false) { |
|
881 | - $output .= "if (class_exists('" . "Plugin" . $plugin . "')===false)". |
|
882 | - "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
883 | - } else { |
|
884 | - $output .= "if (class_exists('" . Core::NAMESPACE_PLUGINS_BLOCKS . "Plugin" . $plugin . "')===false)". |
|
885 | - "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
886 | - } |
|
887 | - break; |
|
888 | - case Core::CLASS_PLUGIN + Core::FUNC_PLUGIN: |
|
889 | - if (class_exists('Plugin' . $plugin) !== false) { |
|
890 | - $output .= "if (class_exists('" . "Plugin" . $plugin . "')===false)". |
|
891 | - "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
892 | - } else { |
|
893 | - $output .= "if (class_exists('" . Core::NAMESPACE_PLUGINS_FUNCTIONS . "Plugin" . $plugin . "')===false)". |
|
894 | - "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
895 | - } |
|
896 | - break; |
|
897 | - case Core::FUNC_PLUGIN: |
|
898 | - if (function_exists('Plugin' . $plugin) !== false) { |
|
899 | - $output .= "if (function_exists('" . "Plugin" . $plugin . "')===false)". |
|
878 | + case Core::CLASS_PLUGIN: |
|
879 | + case Core::CLASS_PLUGIN + Core::BLOCK_PLUGIN: |
|
880 | + if (class_exists('Plugin' . $plugin) !== false) { |
|
881 | + $output .= "if (class_exists('" . "Plugin" . $plugin . "')===false)". |
|
882 | + "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
883 | + } else { |
|
884 | + $output .= "if (class_exists('" . Core::NAMESPACE_PLUGINS_BLOCKS . "Plugin" . $plugin . "')===false)". |
|
885 | + "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
886 | + } |
|
887 | + break; |
|
888 | + case Core::CLASS_PLUGIN + Core::FUNC_PLUGIN: |
|
889 | + if (class_exists('Plugin' . $plugin) !== false) { |
|
890 | + $output .= "if (class_exists('" . "Plugin" . $plugin . "')===false)". |
|
900 | 891 | "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
901 | - } else { |
|
902 | - $output .= "if (function_exists('" . Core::NAMESPACE_PLUGINS_FUNCTIONS . "Plugin" . $plugin . "')===false)". |
|
892 | + } else { |
|
893 | + $output .= "if (class_exists('" . Core::NAMESPACE_PLUGINS_FUNCTIONS . "Plugin" . $plugin . "')===false)". |
|
903 | 894 | "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
904 | - } |
|
905 | - break; |
|
906 | - case Core::SMARTY_MODIFIER: |
|
907 | - $output .= "if (function_exists('smarty_modifier_$plugin')===false)". |
|
908 | - "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
909 | - break; |
|
910 | - case Core::SMARTY_FUNCTION: |
|
911 | - $output .= "if (function_exists('smarty_function_$plugin')===false)". |
|
912 | - "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
913 | - break; |
|
914 | - case Core::SMARTY_BLOCK: |
|
915 | - $output .= "if (function_exists('smarty_block_$plugin')===false)". |
|
916 | - "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
917 | - break; |
|
918 | - case Core::PROXY_PLUGIN: |
|
919 | - $output .= $this->getDwoo()->getPluginProxy()->getLoader($plugin); |
|
920 | - break; |
|
921 | - default: |
|
922 | - throw new CompilationException($this, 'Type error for ' . $plugin . ' with type' . $type); |
|
895 | + } |
|
896 | + break; |
|
897 | + case Core::FUNC_PLUGIN: |
|
898 | + if (function_exists('Plugin' . $plugin) !== false) { |
|
899 | + $output .= "if (function_exists('" . "Plugin" . $plugin . "')===false)". |
|
900 | + "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
901 | + } else { |
|
902 | + $output .= "if (function_exists('" . Core::NAMESPACE_PLUGINS_FUNCTIONS . "Plugin" . $plugin . "')===false)". |
|
903 | + "\n\t\$this->getLoader()->loadPlugin('Plugin$plugin');\n"; |
|
904 | + } |
|
905 | + break; |
|
906 | + case Core::SMARTY_MODIFIER: |
|
907 | + $output .= "if (function_exists('smarty_modifier_$plugin')===false)". |
|
908 | + "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
909 | + break; |
|
910 | + case Core::SMARTY_FUNCTION: |
|
911 | + $output .= "if (function_exists('smarty_function_$plugin')===false)". |
|
912 | + "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
913 | + break; |
|
914 | + case Core::SMARTY_BLOCK: |
|
915 | + $output .= "if (function_exists('smarty_block_$plugin')===false)". |
|
916 | + "\n\t\$this->getLoader()->loadPlugin('$plugin');\n"; |
|
917 | + break; |
|
918 | + case Core::PROXY_PLUGIN: |
|
919 | + $output .= $this->getDwoo()->getPluginProxy()->getLoader($plugin); |
|
920 | + break; |
|
921 | + default: |
|
922 | + throw new CompilationException($this, 'Type error for ' . $plugin . ' with type' . $type); |
|
923 | 923 | } |
924 | 924 | } |
925 | 925 |