smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-03 09:54:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Removed some unused code for clarity, updated the changelog.

Browse Source
This commit is contained in:
Progi1984
2022-11-18 09:58:47 +01:00
parent 9fee14e7af
commit 4c39c543d4
3 changed files with 14 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased] ## [Unreleased]
### Added
- PHP8.2 compatibility [#775](https://github.com/smarty-php/smarty/pull/775)
### Changed ### Changed
- Include docs and demo in the releases [#799](https://github.com/smarty-php/smarty/issues/799) - Include docs and demo in the releases [#799](https://github.com/smarty-php/smarty/issues/799)
- Using PHP functions as modifiers now triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813) - Using PHP functions as modifiers now triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813)

72
libs/plugins/modifier.escape.php
View File

@@ -23,7 +23,6 @@
*/ */
function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true) function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true)
{ {
static $_double_encode = true;
static $is_loaded_1 = false; static $is_loaded_1 = false;
static $is_loaded_2 = false; static $is_loaded_2 = false;
if (!$char_set) { if (!$char_set) {
@@ -34,89 +33,18 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $
switch ($esc_type) { switch ($esc_type) {
case 'html': case 'html':
if ($_double_encode) {
// php >=5.3.2 - go native
return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode);
} else {
if ($double_encode) {
// php <5.2.3 - only handle double encoding
return htmlspecialchars($string, ENT_QUOTES, $char_set);
} else {
// php <5.2.3 - prevent double encoding
$string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
$string = htmlspecialchars($string, ENT_QUOTES, $char_set);
$string = str_replace(
array(
'%%%SMARTY_START%%%',
'%%%SMARTY_END%%%'
),
array(
'&',
';'
),
$string
);
return $string;
}
}
// no break // no break
case 'htmlall': case 'htmlall':
if (Smarty::$_MBSTRING) { if (Smarty::$_MBSTRING) {
// mb_convert_encoding ignores htmlspecialchars()
if ($_double_encode) {
// php >=5.3.2 - go native
$string = htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode); $string = htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode);
} else {
if ($double_encode) {
// php <5.2.3 - only handle double encoding
$string = htmlspecialchars($string, ENT_QUOTES, $char_set);
} else {
// php <5.2.3 - prevent double encoding
$string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
$string = htmlspecialchars($string, ENT_QUOTES, $char_set);
$string =
str_replace(
array(
'%%%SMARTY_START%%%',
'%%%SMARTY_END%%%'
),
array(
'&',
';'
),
$string
);
return $string;
}
}
// htmlentities() won't convert everything, so use mb_convert_encoding // htmlentities() won't convert everything, so use mb_convert_encoding
$string = mb_convert_encoding($string, 'UTF-8', $char_set); $string = mb_convert_encoding($string, 'UTF-8', $char_set);
$string = htmlentities($string); $string = htmlentities($string);
return htmlspecialchars_decode($string); return htmlspecialchars_decode($string);
} }
// no MBString fallback // no MBString fallback
if ($_double_encode) {
return htmlentities($string, ENT_QUOTES, $char_set, $double_encode); return htmlentities($string, ENT_QUOTES, $char_set, $double_encode);
} else {
if ($double_encode) {
return htmlentities($string, ENT_QUOTES, $char_set);
} else {
$string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
$string = htmlentities($string, ENT_QUOTES, $char_set);
$string = str_replace(
array(
'%%%SMARTY_START%%%',
'%%%SMARTY_END%%%'
),
array(
'&',
';'
),
$string
);
return $string;
}
}
// no break // no break
case 'url': case 'url':
return rawurlencode($string); return rawurlencode($string);

27
libs/plugins/modifiercompiler.escape.php
View File

@@ -18,12 +18,10 @@
* @param Smarty_Internal_TemplateCompilerBase $compiler * @param Smarty_Internal_TemplateCompilerBase $compiler
* *
* @return string with compiled code * @return string with compiled code
* @throws \SmartyException * @throws SmartyException
*/ */
function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompilerBase $compiler) function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompilerBase $compiler)
{ {
static $_double_encode = true;
static $is_loaded = false;
$compiler->template->_checkPlugins( $compiler->template->_checkPlugins(
array( array(
array( array(
@@ -41,41 +39,18 @@ function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompile
} }
switch ($esc_type) { switch ($esc_type) {
case 'html': case 'html':
if ($_double_encode) {
return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' . return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
var_export($double_encode, true) . ')'; var_export($double_encode, true) . ')';
} elseif ($double_encode) {
return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
} else {
// fall back to modifier.escape.php
}
// no break // no break
case 'htmlall': case 'htmlall':
if (Smarty::$_MBSTRING) { if (Smarty::$_MBSTRING) {
if ($_double_encode) {
// php >=5.2.3 - go native
return 'htmlspecialchars_decode(mb_convert_encoding(htmlentities(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . return 'htmlspecialchars_decode(mb_convert_encoding(htmlentities(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
var_export($char_set, true) . ', ' . var_export($double_encode, true) . var_export($char_set, true) . ', ' . var_export($double_encode, true) .
'), ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, ' . var_export($char_set, true) . '),' . var_export($char_set, true) . '))'; '), ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, ' . var_export($char_set, true) . '),' . var_export($char_set, true) . '))';
} elseif ($double_encode) {
// php <5.2.3 - only handle double encoding
return 'htmlspecialchars_decode(mb_convert_encoding(htmlentities(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
var_export($char_set, true) . '), ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, ' . var_export($char_set, true) . '), ' . var_export($char_set, true) . '))';
} else {
// fall back to modifier.escape.php
}
} }
// no MBString fallback // no MBString fallback
if ($_double_encode) {
// php >=5.2.3 - go native
return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' . return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
var_export($double_encode, true) . ')'; var_export($double_encode, true) . ')';
} elseif ($double_encode) {
// php <5.2.3 - only handle double encoding
return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
} else {
// fall back to modifier.escape.php
}
// no break // no break
case 'url': case 'url':
return 'rawurlencode((string)' . $params[ 0 ] . ')'; return 'rawurlencode((string)' . $params[ 0 ] . ')';