escapeJson() public static method

Do necessary escaping to output JSON.
public static escapeJson ( mixed $data, array $options = [] ) : string
$data mixed The data to JSON-ify.
$options array Additional options: - nodelimit: (boolean) Don't add security delimiters? DEFAULT: false - urlencode: (boolean) URL encode the json string DEFAULT: false
return string The escaped string.
Beispiel #1
0
 /**
  */
 protected function _attach($init)
 {
     global $page_output;
     if ($init) {
         $page_output->addScriptPackage('Horde_Core_Script_Package_Dialog');
         $page_output->addScriptFile('passphrase.js', 'imp');
     }
     $params = isset($this->_params['params']) ? $this->_params['params'] : array();
     if (isset($params['reload'])) {
         $params['reload'] = strval($params['reload']);
     }
     switch ($this->_params['type']) {
         case 'pgpPersonal':
             $text = _("Enter your personal PGP passphrase.");
             break;
         case 'pgpSymmetric':
             $text = _("Enter the passphrase used to encrypt this message.");
             break;
         case 'smimePersonal':
             $text = _("Enter your personal S/MIME passphrase.");
             break;
     }
     $js_params = array('hidden' => array_merge($params, array('type' => $this->_params['type'])), 'text' => $text);
     $js = 'ImpPassphraseDialog.display(' . Horde::escapeJson($js_params, array('nodelimit' => true)) . ')';
     if (!empty($this->_params['onload'])) {
         $page_output->addInlineScript(array($js), true);
         return false;
     }
     return $js;
 }
Beispiel #2
0
 /**
  */
 public function send()
 {
     $json = str_replace("", '', Horde::escapeJson($this->_jsonData()));
     if ($this->jsonhtml) {
         header('Content-Type: text/html; charset=UTF-8');
         echo htmlspecialchars($json, null, 'UTF-8');
     } else {
         header('Content-Type: application/json');
         echo $json;
     }
 }
Beispiel #3
0
 /**
  * Send response data to browser.
  *
  * @deprecated
  *
  * @param mixed $data  The data to serialize and send to the browser.
  * @param string $ct   The content-type to send the data with.  Either
  *                     'json', 'js-json', 'html', 'plain', and 'xml'.
  */
 public static function sendHTTPResponse($data, $ct)
 {
     // Output headers and encoded response.
     switch ($ct) {
         case 'json':
         case 'js-json':
             /* JSON responses are a structured object which always
              * includes the response in a member named 'response', and an
              * additional array of messages in 'msgs' which may be updates
              * for the server or notification messages.
              *
              * Make sure no null bytes sneak into the JSON output stream.
              * Null bytes cause IE to stop reading from the input stream,
              * causing malformed JSON data and a failed request.  These
              * bytes don't seem to break any other browser, but might as
              * well remove them anyway.
              *
              * Finally, add prototypejs security delimiters to returned
              * JSON. */
             $s_data = str_replace("", '', Horde::escapeJson($data));
             if ($ct == 'json') {
                 header('Content-Type: application/json');
                 echo $s_data;
             } else {
                 header('Content-Type: text/html; charset=UTF-8');
                 echo htmlspecialchars($s_data);
             }
             break;
         case 'html':
         case 'plain':
         case 'xml':
             $s_data = is_string($data) ? $data : $data->response;
             header('Content-Type: text/' . $ct . '; charset=UTF-8');
             echo $s_data;
             break;
         default:
             echo $data;
     }
     exit;
 }
Beispiel #4
0
 /**
  */
 public function send()
 {
     header('Content-Type: application/json');
     echo str_replace("", '', Horde::escapeJson($this->data));
 }