From 5dd4649cbaaaa4948eaf10c11cf63e2cea5c0feb Mon Sep 17 00:00:00 2001 From: mohrt Date: Thu, 4 Apr 2002 20:34:44 +0000 Subject: [PATCH] added htmlall attribute to escape modifier --- NEWS | 1 + Smarty.class.php | 1 + docs/designers.sgml | 15 ++++++++------- libs/Smarty.class.php | 1 + libs/plugins/modifier.escape.php | 3 +++ plugins/modifier.escape.php | 3 +++ 6 files changed, 17 insertions(+), 7 deletions(-) diff --git a/NEWS b/NEWS index e6fad643..a8190df1 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,4 @@ + - added htmlall attribute to escape (Monte) - added template_exists() API function. (Andrei) - fixed a problem with using dynamic values for 'file' attribute of {include_php} tag. (Andrei) diff --git a/Smarty.class.php b/Smarty.class.php index e053be40..2a5bbe0c 100644 --- a/Smarty.class.php +++ b/Smarty.class.php @@ -741,6 +741,7 @@ function _generate_debug_output() { /* * Find out if the resource exists. */ + $readable = true; if ($resource_type == 'file' && !@is_file($resource_name)) { $readable = false; diff --git a/docs/designers.sgml b/docs/designers.sgml index 2f6c1c2a..1d2886ab 100644 --- a/docs/designers.sgml +++ b/docs/designers.sgml @@ -669,19 +669,20 @@ no title - This is used to html escape, url escape, escape single quotes on a - variable not already escaped, hex escape or hexentity escape. hex - and hexentity escape can be used in conjunction to hide "mailto:" - links on a page from web spiders (spam collectors) and yet keep - them readable and linkable. By default, the variable is html - escaped. + This is used to html (or htmlall) escape, url escape, escape single + quotes on a variable not already escaped, hex escape or hexentity + escape. hex and hexentity escape can be used in conjunction to hide + "mailto:" links on a page from web spiders (spam collectors) and + yet keep them readable and linkable. By default, the variable is + html escaped. escape {$articleTitle} {$articleTitle|escape} -{$articleTitle|escape:"html"} +{$articleTitle|escape:"html"} {* escapes & " ' < > *} +{$articleTitle|escape:"htmlall"} {* escapes ALL html entities *} {$articleTitle|escape:"url"} {$articleTitle|escape:"quotes"} <a diff --git a/libs/Smarty.class.php b/libs/Smarty.class.php index e053be40..2a5bbe0c 100644 --- a/libs/Smarty.class.php +++ b/libs/Smarty.class.php @@ -741,6 +741,7 @@ function _generate_debug_output() { /* * Find out if the resource exists. */ + $readable = true; if ($resource_type == 'file' && !@is_file($resource_name)) { $readable = false; diff --git a/libs/plugins/modifier.escape.php b/libs/plugins/modifier.escape.php index 575f891a..b49eec4b 100644 --- a/libs/plugins/modifier.escape.php +++ b/libs/plugins/modifier.escape.php @@ -14,6 +14,9 @@ function smarty_modifier_escape($string, $esc_type = 'html') case 'html': return htmlspecialchars($string, ENT_QUOTES); + case 'htmlall': + return htmlentities($string, ENT_QUOTES); + case 'url': return urlencode($string); diff --git a/plugins/modifier.escape.php b/plugins/modifier.escape.php index 575f891a..b49eec4b 100644 --- a/plugins/modifier.escape.php +++ b/plugins/modifier.escape.php @@ -14,6 +14,9 @@ function smarty_modifier_escape($string, $esc_type = 'html') case 'html': return htmlspecialchars($string, ENT_QUOTES); + case 'htmlall': + return htmlentities($string, ENT_QUOTES); + case 'url': return urlencode($string);