* Name: escape
* Purpose: escape string for output * * @link http://smarty.php.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online manual) * @author Monte Ohrt * @param string $string input string * @param string $esc_type escape type * @param string $char_set character set * @return string escaped input string */ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = SMARTY_RESOURCE_CHAR_SET) { if (!function_exists('mb_str_replace') && function_exists('mb_strlen')) { // simulate the missing PHP mb_str_replace function function mb_str_replace($needle, $replacement, $haystack) { $needle_len = mb_strlen($needle); $replacement_len = mb_strlen($replacement); $pos = mb_strpos($haystack, $needle, 0); while ($pos !== false) { $haystack = mb_substr($haystack, 0, $pos) . $replacement . mb_substr($haystack, $pos + $needle_len); $pos = mb_strpos($haystack, $needle, $pos + $replacement_len); } return $haystack; } } switch ($esc_type) { case 'html': return htmlspecialchars($string, ENT_QUOTES, $char_set); case 'htmlall': return htmlentities($string, ENT_QUOTES, $char_set); case 'url': return rawurlencode($string); case 'urlpathinfo': return str_replace('%2F', '/', rawurlencode($string)); case 'quotes': // escape unescaped single quotes return preg_replace("%(? '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', ' '<\/')); case 'mail': // safe way to display e-mail address on a web page if (function_exists('mb_str_replace')) { return mb_str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); } else { return str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string); } case 'nonstd': // escape non-standard chars, such as ms document quotes $_res = ''; for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) { $_ord = ord(substr($string, $_i, 1)); // non-standard char, escape it if ($_ord >= 126) { $_res .= '&#' . $_ord . ';'; } else { $_res .= substr($string, $_i, 1); } } return $_res; default: return $string; } } ?>