smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-04 10:24:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

removed global vars from fetch function, added attrs to escape modifier

Browse Source
This commit is contained in:
mohrt
2002-02-20 20:56:53 +00:00
parent 910f005321
commit edcc3b7d8e
4 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
NEWS
View File

@@ -1,7 +1,8 @@
- added "hex" and "hexentity" attributes to escape modifier (Monte)
- removed dependency on PEAR. (Andrei) - removed dependency on PEAR. (Andrei)
- update popup_init to accept src attribute. (Monte, Duncan Forrest) - update popup_init to accept src attribute. (Monte, Duncan Forrest)
- implemented several optimizations, speeding up Smarty significantly in - implemented several optimizations, speeding up Smarty significantly in
most cases. (Andrei) most cases. (Andrei,Monte)
- implemented plugin architecture. (Andrei) - implemented plugin architecture. (Andrei)
- added modifiers wordwrap and indent. (Monte) - added modifiers wordwrap and indent. (Monte)
- added support for 'If-Modified-Since' headers for cached content. (Monte) - added support for 'If-Modified-Since' headers for cached content. (Monte)

9
docs.sgml
View File

@@ -5513,8 +5513,11 @@ no title
</tgroup> </tgroup>
</informaltable> </informaltable>
<para> <para>
This is used to html escape, url escape, or escape single quotes on This is used to html escape, url escape, escape single quotes on a
a variable not already escaped. By default, the variable is html variable not already escaped, hex escape or hexentity escape. hex
and hexentity escape can be used in conjunction to hide "mailto:"
links on a page from web spiders (spam collectors) and yet keep
them readable and linkable. By default, the variable is html
escaped. escaped.
</para> </para>
<example> <example>
@@ -5526,6 +5529,7 @@ no title
{$articleTitle|escape:"html"} {$articleTitle|escape:"html"}
{$articleTitle|escape:"url"} {$articleTitle|escape:"url"}
{$articleTitle|escape:"quotes"} {$articleTitle|escape:"quotes"}
<a href="mailto:{$EmailAddress|escape:"hex"}">{$EmailAddress|escape:"hexentity"}</a>
OUTPUT: OUTPUT:
@@ -5534,6 +5538,7 @@ OUTPUT:
'Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan' 'Stiff%20Opposition%20Expected%20to%20Casketless%20Funeral%20Plan'
'Stiff+Opposition+Expected+to+Casketless+Funeral+Plan' 'Stiff+Opposition+Expected+to+Casketless+Funeral+Plan'
\'Stiff Opposition Expected to Casketless Funeral Plan\' \'Stiff Opposition Expected to Casketless Funeral Plan\'
<a href="mailto:%62%6f%62%40%6d%65%2e%6e%65%74">&#x62;&#x6f;&#x62;&#x40;&#x6d;&#x65;&#x2e;&#x6e;&#x65;&#x74;</a>
</programlisting> </programlisting>
</example> </example>

11
libs/plugins/modifier.escape.php
View File

@@ -21,6 +21,17 @@ function smarty_modifier_escape($string, $esc_type = 'html')
// escape unescaped single quotes // escape unescaped single quotes
return preg_replace("%(?<!\\\\)'%", "\\'", $string); return preg_replace("%(?<!\\\\)'%", "\\'", $string);
case 'hex':
// escape every character into hex
for ($x=0; $x<strlen($string); $x++) {
$return .= '%'.bin2hex($string[$x]);
}
return $return;
case 'hexentity':
for ($x=0; $x<strlen($string); $x++) {
$return .= '&#x'.bin2hex($string[$x]).';';
}
return $return;
default: default:
return $string; return $string;
} }

11
plugins/modifier.escape.php
View File

@@ -21,6 +21,17 @@ function smarty_modifier_escape($string, $esc_type = 'html')
// escape unescaped single quotes // escape unescaped single quotes
return preg_replace("%(?<!\\\\)'%", "\\'", $string); return preg_replace("%(?<!\\\\)'%", "\\'", $string);
case 'hex':
// escape every character into hex
for ($x=0; $x<strlen($string); $x++) {
$return .= '%'.bin2hex($string[$x]);
}
return $return;
case 'hexentity':
for ($x=0; $x<strlen($string); $x++) {
$return .= '&#x'.bin2hex($string[$x]).';';
}
return $return;
default: default:
return $string; return $string;
} }