| 1 | <?php |
|---|
| 2 | |
|---|
| 3 | /* |
|---|
| 4 | * This file is part of Twig. |
|---|
| 5 | * |
|---|
| 6 | * (c) 2009 Fabien Potencier |
|---|
| 7 | * |
|---|
| 8 | * For the full copyright and license information, please view the LICENSE |
|---|
| 9 | * file that was distributed with this source code. |
|---|
| 10 | */ |
|---|
| 11 | class Twig_Extension_Escaper extends Twig_Extension |
|---|
| 12 | { |
|---|
| 13 | protected $defaultStrategy; |
|---|
| 14 | |
|---|
| 15 | public function __construct($defaultStrategy = 'html') |
|---|
| 16 | { |
|---|
| 17 | $this->setDefaultStrategy($defaultStrategy); |
|---|
| 18 | } |
|---|
| 19 | |
|---|
| 20 | /** |
|---|
| 21 | * Returns the token parser instances to add to the existing list. |
|---|
| 22 | * |
|---|
| 23 | * @return array An array of Twig_TokenParserInterface or Twig_TokenParserBrokerInterface instances |
|---|
| 24 | */ |
|---|
| 25 | public function getTokenParsers() |
|---|
| 26 | { |
|---|
| 27 | return array(new Twig_TokenParser_AutoEscape()); |
|---|
| 28 | } |
|---|
| 29 | |
|---|
| 30 | /** |
|---|
| 31 | * Returns the node visitor instances to add to the existing list. |
|---|
| 32 | * |
|---|
| 33 | * @return array An array of Twig_NodeVisitorInterface instances |
|---|
| 34 | */ |
|---|
| 35 | public function getNodeVisitors() |
|---|
| 36 | { |
|---|
| 37 | return array(new Twig_NodeVisitor_Escaper()); |
|---|
| 38 | } |
|---|
| 39 | |
|---|
| 40 | /** |
|---|
| 41 | * Returns a list of filters to add to the existing list. |
|---|
| 42 | * |
|---|
| 43 | * @return array An array of filters |
|---|
| 44 | */ |
|---|
| 45 | public function getFilters() |
|---|
| 46 | { |
|---|
| 47 | return array( |
|---|
| 48 | 'raw' => new Twig_Filter_Function('twig_raw_filter', array('is_safe' => array('all'))), |
|---|
| 49 | ); |
|---|
| 50 | } |
|---|
| 51 | |
|---|
| 52 | /** |
|---|
| 53 | * Sets the default strategy to use when not defined by the user. |
|---|
| 54 | * |
|---|
| 55 | * The strategy can be a valid PHP callback that takes the template |
|---|
| 56 | * "filename" as an argument and returns the strategy to use. |
|---|
| 57 | * |
|---|
| 58 | * @param mixed $defaultStrategy An escaping strategy |
|---|
| 59 | */ |
|---|
| 60 | public function setDefaultStrategy($defaultStrategy) |
|---|
| 61 | { |
|---|
| 62 | // for BC |
|---|
| 63 | if (true === $defaultStrategy) { |
|---|
| 64 | $defaultStrategy = 'html'; |
|---|
| 65 | } |
|---|
| 66 | |
|---|
| 67 | $this->defaultStrategy = $defaultStrategy; |
|---|
| 68 | } |
|---|
| 69 | |
|---|
| 70 | /** |
|---|
| 71 | * Gets the default strategy to use when not defined by the user. |
|---|
| 72 | * |
|---|
| 73 | * @param string $filename The template "filename" |
|---|
| 74 | * |
|---|
| 75 | * @return string The default strategy to use for the template |
|---|
| 76 | */ |
|---|
| 77 | public function getDefaultStrategy($filename) |
|---|
| 78 | { |
|---|
| 79 | // disable string callables to avoid calling a function named html or js, |
|---|
| 80 | // or any other upcoming escaping strategy |
|---|
| 81 | if (!is_string($this->defaultStrategy) && is_callable($this->defaultStrategy)) { |
|---|
| 82 | return call_user_func($this->defaultStrategy, $filename); |
|---|
| 83 | } |
|---|
| 84 | |
|---|
| 85 | return $this->defaultStrategy; |
|---|
| 86 | } |
|---|
| 87 | |
|---|
| 88 | /** |
|---|
| 89 | * Returns the name of the extension. |
|---|
| 90 | * |
|---|
| 91 | * @return string The extension name |
|---|
| 92 | */ |
|---|
| 93 | public function getName() |
|---|
| 94 | { |
|---|
| 95 | return 'escaper'; |
|---|
| 96 | } |
|---|
| 97 | } |
|---|
| 98 | |
|---|
| 99 | /** |
|---|
| 100 | * Marks a variable as being safe. |
|---|
| 101 | * |
|---|
| 102 | * @param string $string A PHP variable |
|---|
| 103 | */ |
|---|
| 104 | function twig_raw_filter($string) |
|---|
| 105 | { |
|---|
| 106 | return $string; |
|---|
| 107 | } |
|---|
