mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 06:08:52 +00:00
[ticket/11095] Python quoteattr port.
PHPBB3-11095
This commit is contained in:
Oleg Pudeyev
parent
83e85810aa
commit
9c0a03f1d5
2 changed files with 91 additions and 0 deletions
|
|
@ -4893,6 +4893,53 @@ function phpbb_http_login($param)
|
||||||
trigger_error('NOT_AUTHORISED');
|
trigger_error('NOT_AUTHORISED');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Escapes and quotes a string for use as an HTML/XML attribute value.
|
||||||
|
*
|
||||||
|
* This is a port of Python xml.sax.saxutils quoteattr.
|
||||||
|
*
|
||||||
|
* The function will attempt to choose a quote character in such a way as to
|
||||||
|
* avoid escaping quotes in the string. If this is not possible the string will
|
||||||
|
* be wrapped in double quotes and double quotes will be escaped.
|
||||||
|
*
|
||||||
|
* @param string $data The string to be escaped
|
||||||
|
* @param array $entities Associative array of additional entities to be escaped
|
||||||
|
* @return string Escaped and quoted string
|
||||||
|
*/
|
||||||
|
function phpbb_quoteattr($data, $entities = null)
|
||||||
|
{
|
||||||
|
$data = str_replace('&', '&', $data);
|
||||||
|
$data = str_replace('>', '>', $data);
|
||||||
|
$data = str_replace('<', '<', $data);
|
||||||
|
|
||||||
|
$data = str_replace("\n", ' ', $data);
|
||||||
|
$data = str_replace("\r", ' ', $data);
|
||||||
|
$data = str_replace("\t", '	', $data);
|
||||||
|
|
||||||
|
if (!empty($entities))
|
||||||
|
{
|
||||||
|
$data = str_replace(array_keys($entities), array_values($entities), $data);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strpos($data, '"') !== false)
|
||||||
|
{
|
||||||
|
if (strpos($data, "'") !== false)
|
||||||
|
{
|
||||||
|
$data = '"' . str_replace('"', '"', $data) . '"';
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$data = "'" . $data . "'";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$data = '"' . $data . '"';
|
||||||
|
}
|
||||||
|
|
||||||
|
return $data;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate page header
|
* Generate page header
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
44
tests/functions/quoteattr_test.php
Normal file
44
tests/functions/quoteattr_test.php
Normal file
|
|
@ -0,0 +1,44 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @package testing
|
||||||
|
* @copyright (c) 2012 phpBB Group
|
||||||
|
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
|
||||||
|
|
||||||
|
class phpbb_quoteattr_test extends phpbb_test_case
|
||||||
|
{
|
||||||
|
public function quoteattr_test_data()
|
||||||
|
{
|
||||||
|
return array(
|
||||||
|
array('foo', null, '"foo"'),
|
||||||
|
array('', null, '""'),
|
||||||
|
array(' ', null, '" "'),
|
||||||
|
array('<a>', null, '"<a>"'),
|
||||||
|
array('&', null, '"&amp;"'),
|
||||||
|
array('"hello"', null, "'\"hello\"'"),
|
||||||
|
array("'hello'", null, "\"'hello'\""),
|
||||||
|
array("\"'", null, "\""'\""),
|
||||||
|
array("a\nb", null, '"a b"'),
|
||||||
|
array("a\r\nb", null, '"a b"'),
|
||||||
|
array("a\tb", null, '"a	b"'),
|
||||||
|
array('a b', null, '"a b"'),
|
||||||
|
array('"a<b"', null, "'\"a<b\"'"),
|
||||||
|
array('foo', array('f' => 'z'), '"zoo"'),
|
||||||
|
array('<a>', array('a' => '&'), '"<&>"'),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider quoteattr_test_data
|
||||||
|
*/
|
||||||
|
public function test_quoteattr($input, $entities, $expected)
|
||||||
|
{
|
||||||
|
$output = phpbb_quoteattr($input, $entities);
|
||||||
|
|
||||||
|
$this->assertEquals($expected, $output);
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Add table
Reference in a new issue