added htmlall attribute to escape modifier

2025-08-04 18:34:27 +02:00 · 2002-04-04 20:34:44 +00:00
parent 873f47f7a8
commit 5dd4649cba
6 changed files with 17 additions and 7 deletions
--- a/1
+++ b/1
@@ -1,3 +1,4 @@
+    - added htmlall attribute to escape (Monte)
    - added template_exists() API function. (Andrei)
    - fixed a problem with using dynamic values for 'file'
      attribute of {include_php} tag. (Andrei)
--- a/Smarty.class.php
+++ b/Smarty.class.php
@@ -741,6 +741,7 @@ function _generate_debug_output() {
        /*
         * Find out if the resource exists.
         */
+		
        $readable = true;
        if ($resource_type == 'file' && !@is_file($resource_name)) {
            $readable = false;
--- a/docs/designers.sgml
+++ b/docs/designers.sgml
@@ -669,19 +669,20 @@ no title</programlisting>
                </tgroup>
            </informaltable>
 			<para>
-			This is used to html escape, url escape, escape single quotes on a
-			variable not already escaped, hex escape or hexentity escape. hex
-			and hexentity escape can be used in conjunction to hide "mailto:"
-			links on a page from web spiders (spam collectors) and yet keep
-			them readable and linkable. By default, the variable is html
-			escaped.
+			This is used to html (or htmlall) escape, url escape, escape single
+			quotes on a variable not already escaped, hex escape or hexentity
+			escape. hex and hexentity escape can be used in conjunction to hide
+			"mailto:" links on a page from web spiders (spam collectors) and
+			yet keep them readable and linkable. By default, the variable is
+			html escaped.
 			</para>
 <example>
 <title>escape</title>
 <programlisting>
 {$articleTitle}
 {$articleTitle|escape}
-{$articleTitle|escape:"html"}
+{$articleTitle|escape:"html"}    {* escapes  &amp; &quot; &#039; &lt; &gt; *}
+{$articleTitle|escape:"htmlall"} {* escapes ALL html entities *}
 {$articleTitle|escape:"url"}
 {$articleTitle|escape:"quotes"}
 &lt;a
--- a/libs/Smarty.class.php
+++ b/libs/Smarty.class.php
@@ -741,6 +741,7 @@ function _generate_debug_output() {
        /*
         * Find out if the resource exists.
         */
+		
        $readable = true;
        if ($resource_type == 'file' && !@is_file($resource_name)) {
            $readable = false;
--- a/libs/plugins/modifier.escape.php
+++ b/libs/plugins/modifier.escape.php
@@ -14,6 +14,9 @@ function smarty_modifier_escape($string, $esc_type = 'html')
        case 'html':
            return htmlspecialchars($string, ENT_QUOTES);

+        case 'htmlall':
+            return htmlentities($string, ENT_QUOTES);
+
        case 'url':
            return urlencode($string);

--- a/plugins/modifier.escape.php
+++ b/plugins/modifier.escape.php
@@ -14,6 +14,9 @@ function smarty_modifier_escape($string, $esc_type = 'html')
        case 'html':
            return htmlspecialchars($string, ENT_QUOTES);

+        case 'htmlall':
+            return htmlentities($string, ENT_QUOTES);
+
        case 'url':
            return urlencode($string);