library/HTMLPurifier/VarParser/Native.php

   1 <?php
   2
   3 /**
   4  * This variable parser uses PHP's internal code engine. Because it does
   5  * this, it can represent all inputs; however, it is dangerous and cannot
   6  * be used by users.
   7  */
   8 class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser
   9 {
  10
  11     protected function parseImplementation($var, $type, $allow_null) {
  12         return $this->evalExpression($var);
  13     }
  14
  15     protected function evalExpression($expr) {
  16         $var = null;
  17         $result = eval("\$var = $expr;");
  18         if ($result === false) {
  19             throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
  20         }
  21         return $var;
  22     }
  23
  24 }
  25
  26 // vim: et sw=4 sts=4