6 * @subpackage PluginsModifierCompiler
12 require_once(SMARTY_PLUGINS_DIR . 'shared.literal_compiler_param.php');
15 * Smarty escape modifier plugin
18 * Purpose: escape string for output
20 * @link http://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual)
23 * @param array $params parameters
26 * @return string with compiled code
28 function smarty_modifiercompiler_escape($params, $compiler)
30 static $_double_encode = null;
31 if ($_double_encode === null) {
32 $_double_encode = version_compare(PHP_VERSION, '5.2.3', '>=');
36 $esc_type = smarty_literal_compiler_param($params, 1, 'html');
37 $char_set = smarty_literal_compiler_param($params, 2, Smarty::$_CHARSET);
38 $double_encode = smarty_literal_compiler_param($params, 3, true);
41 $char_set = Smarty::$_CHARSET;
46 if ($_double_encode) {
47 return 'htmlspecialchars('
48 . $params[0] . ', ENT_QUOTES, '
49 . var_export($char_set, true) . ', '
50 . var_export($double_encode, true) . ')';
51 } elseif ($double_encode) {
52 return 'htmlspecialchars('
53 . $params[0] . ', ENT_QUOTES, '
54 . var_export($char_set, true) . ')';
56 // fall back to modifier.escape.php
60 if (Smarty::$_MBSTRING) {
61 if ($_double_encode) {
62 // php >=5.2.3 - go native
63 return 'mb_convert_encoding(htmlspecialchars('
64 . $params[0] . ', ENT_QUOTES, '
65 . var_export($char_set, true) . ', '
66 . var_export($double_encode, true)
67 . '), "HTML-ENTITIES", '
68 . var_export($char_set, true) . ')';
69 } elseif ($double_encode) {
70 // php <5.2.3 - only handle double encoding
71 return 'mb_convert_encoding(htmlspecialchars('
72 . $params[0] . ', ENT_QUOTES, '
73 . var_export($char_set, true)
74 . '), "HTML-ENTITIES", '
75 . var_export($char_set, true) . ')';
77 // fall back to modifier.escape.php
81 // no MBString fallback
82 if ($_double_encode) {
83 // php >=5.2.3 - go native
84 return 'htmlentities('
85 . $params[0] . ', ENT_QUOTES, '
86 . var_export($char_set, true) . ', '
87 . var_export($double_encode, true) . ')';
88 } elseif ($double_encode) {
89 // php <5.2.3 - only handle double encoding
90 return 'htmlentities('
91 . $params[0] . ', ENT_QUOTES, '
92 . var_export($char_set, true) . ')';
94 // fall back to modifier.escape.php
98 return 'rawurlencode(' . $params[0] . ')';
101 return 'str_replace("%2F", "/", rawurlencode(' . $params[0] . '))';
104 // escape unescaped single quotes
105 return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[0] . ')';
108 // escape quotes and backslashes, newlines, etc.
109 return 'strtr(' . $params[0] . ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/" ))';
112 catch (SmartyException $e) {
113 // pass through to regular plugin fallback
116 // could not optimize |escape call, so fallback to regular plugin
117 if ($compiler->template->caching && ($compiler->tag_nocache | $compiler->nocache)) {
118 $compiler->template->required_plugins['nocache']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR . 'modifier.escape.php';
119 $compiler->template->required_plugins['nocache']['escape']['modifier']['function'] = 'smarty_modifier_escape';
121 $compiler->template->required_plugins['compiled']['escape']['modifier']['file'] = SMARTY_PLUGINS_DIR . 'modifier.escape.php';
122 $compiler->template->required_plugins['compiled']['escape']['modifier']['function'] = 'smarty_modifier_escape';
125 return 'smarty_modifier_escape(' . join(', ', $params) . ')';