Added X-out of blank boxes for security.
[openemr.git] / library / plugins / modifier.escape.php
blobb49795543632c404025095956aa6bb32d4c87838
1 <?php
2 /**
3 * Smarty plugin
4 * @package Smarty
5 * @subpackage plugins
6 */
9 /**
10 * Smarty escape modifier plugin
12 * Type: modifier<br>
13 * Name: escape<br>
14 * Purpose: Escape the string according to escapement type
15 * @link http://smarty.php.net/manual/en/language.modifier.escape.php
16 * escape (Smarty online manual)
17 * @param string
18 * @param html|htmlall|url|quotes|hex|hexentity|javascript
19 * @return string
21 function smarty_modifier_escape($string, $esc_type = 'html')
23 switch ($esc_type) {
24 case 'html':
25 return htmlspecialchars($string, ENT_QUOTES);
27 case 'htmlall':
28 return htmlentities($string, ENT_QUOTES);
30 case 'url':
31 return urlencode($string);
33 case 'quotes':
34 // escape unescaped single quotes
35 return preg_replace("%(?<!\\\\)'%", "\\'", $string);
37 case 'hex':
38 // escape every character into hex
39 $return = '';
40 for ($x=0; $x < strlen($string); $x++) {
41 $return .= '%' . bin2hex($string[$x]);
43 return $return;
45 case 'hexentity':
46 $return = '';
47 for ($x=0; $x < strlen($string); $x++) {
48 $return .= '&#x' . bin2hex($string[$x]) . ';';
50 return $return;
52 case 'javascript':
53 // escape quotes and backslashes and newlines
54 return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n'));
56 default:
57 return $string;
61 /* vim: set expandtab: */