1 <?php
2 /**
3 * Smarty plugin
4 *
5 * @package Smarty
6 * @subpackage PluginsModifier
7 */
9 /**
10 * Smarty escape modifier plugin
11 *
12 * Type: modifier<br>
13 * Name: escape<br>
14 * Purpose: escape string for output
15 *
16 * @link http://smarty.php.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online manual)
17 * @author Monte Ohrt <monte at ohrt dot com>
18 * @param string $string input string
19 * @param string $esc_type escape type
20 * @param string $char_set character set
21 * @return string escaped input string
22 */
23 function smarty_modifier_escape($string, $esc_type = 'html', $char_set = SMARTY_RESOURCE_CHAR_SET)
24 {
25 switch ($esc_type) {
26 case 'html':
27 return htmlspecialchars($string, ENT_QUOTES, $char_set);
29 case 'htmlall':
30 return htmlentities($string, ENT_QUOTES, $char_set);
32 case 'url':
33 return rawurlencode($string);
35 case 'urlpathinfo':
36 return str_replace('%2F', '/', rawurlencode($string));
38 case 'quotes':
39 // escape unescaped single quotes
40 return preg_replace("%(?<!\\\\)'%", "\\'", $string);
42 case 'hex':
43 // escape every character into hex
44 $return = '';
45 for ($x = 0; $x < strlen($string); $x++) {
46 $return .= '%' . bin2hex($string[$x]);
47 }
48 return $return;
50 case 'hexentity':
51 $return = '';
52 for ($x = 0; $x < strlen($string); $x++) {
53 $return .= '&#x' . bin2hex($string[$x]) . ';';
54 }
55 return $return;
57 case 'decentity':
58 $return = '';
59 for ($x = 0; $x < strlen($string); $x++) {
60 $return .= '&#' . ord($string[$x]) . ';';
61 }
62 return $return;
64 case 'javascript':
65 // escape quotes and backslashes, newlines, etc.
66 return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\/'));
68 case 'mail':
69 require_once(SMARTY_PLUGINS_DIR . 'shared.mb_str_replace.php');
70 return smarty_mb_str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string);
72 case 'nonstd':
73 // escape non-standard chars, such as ms document quotes
74 $_res = '';
75 for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
76 $_ord = ord(substr($string, $_i, 1));
77 // non-standard char, escape it
78 if ($_ord >= 126) {
79 $_res .= '&#' . $_ord . ';';
80 } else {
81 $_res .= substr($string, $_i, 1);
82 }
83 }
84 return $_res;
86 default:
87 return $string;
88 }
89 }
91 ?>