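 /**
  * Check template output tags for missing XSS escaping and auto-fix them.
  *
  * The method has two calling modes:
  *  - `$token === true`: per-tag mode. `$type` is the full tag text (delimiters
  *    included) and `$instance` its inner content. Returns the tag text,
  *    wrapped in the escape modifier required for its output type when the
  *    content is not already escaped.
  *  - otherwise: entry mode. `$token` is the template token (array with
  *    'value', 'line' and 'col'), `$type` its type and `$instance` the
  *    template engine instance (provides ld, rd, escapeLevel and options).
  *    Every `ld ... rd` tag in the token value is checked and rewritten.
  *    Returns array("value" => fixed text, "log" => messages, one per
  *    rewritten tag).
  *
  * The tag replacement used to go through preg_replace with the /e modifier,
  * which eval()'d text derived from the template (removed in PHP 7.0, and a
  * code-injection vector before that). It now uses preg_replace_callback, so
  * no template text is ever evaluated as PHP.
  *
  * @param bool|array $token
  * @param string $type
  * @param object|string|null $instance
  * @return string|array
  */
 public function xss($token, $type, $instance = null)
 {
     if ($token === true) {
         // Direct per-tag calls keep the old contract: the arguments may carry
         // the quote escaping that the former /e modifier applied, which
         // fixPregReplaceQuote reverses.
         $value = Fl_Static::fixPregReplaceQuote(trim($instance));
         $type = Fl_Static::fixPregReplaceQuote($type);
         return $this->escapeOutputTag($type, $value);
     }
     $this->xssTmp = array("token" => $token, "type" => $type, "instance" => $instance, 'log' => array());
     // Non-greedy match of each ld ... rd tag; no `s` modifier, as in the
     // original pattern, so a tag does not span lines.
     $tplPattern = "/(" . preg_quote($instance->ld, "/") . "(.*?)" . preg_quote($instance->rd, "/") . ")/";
     // The callback receives the raw match, so no /e-style quote escaping has
     // to be undone here. NOTE(review): assumes Fl_Static::fixPregReplaceQuote
     // only reverses that escaping — confirm. preg_replace_callback returns
     // null on a PCRE error (e.g. backtrack limit), as preg_replace did.
     $value = preg_replace_callback($tplPattern, function ($m) {
         return $this->escapeOutputTag($m[1], trim($m[2]));
     }, $token['value']);
     $log = $this->xssTmp['log'];
     $this->xssTmp = array();
     return array("value" => $value, "log" => $log);
 }

 /**
  * Decide whether one output tag needs an escape modifier and rewrite it if so.
  *
  * Reads $this->xssTmp (set up by xss() in entry mode): 'instance' for the
  * engine's escape levels, modifier names and delimiters, 'token' for the
  * position reported in the log, 'log' to append the message to.
  *
  * @param string $type  full tag text, delimiters included
  * @param string $value trimmed tag content
  * @return string the tag to emit in place of the original
  */
 private function escapeOutputTag($type, $value)
 {
     $instance = $this->xssTmp['instance'];
     if (!$this->checkHasOutput($type, $instance) || $this->isSafeVar($value)) {
         return $type;
     }
     $escapeType = $this->getXssType($value);
     $escapeLevels = $instance->escapeLevel;
     $level = $escapeLevels[$escapeType];
     // A modifier of a higher escape level anywhere in the content already
     // covers this tag.
     foreach ($escapeLevels as $name => $l) {
         if ($l > $level && strpos($value, $instance->options[$name]) !== false) {
             return $type;
         }
     }
     $typeModifier = $instance->options[$escapeType];
     // Content already starts with the required modifier.
     if (strpos($value, $typeModifier) === 0) {
         return $type;
     }
     $token = $this->xssTmp['token'];
     $this->xssTmp['log'][] = '`' . $type . '` must be use ' . $typeModifier . ' to escape at line:' . $token['line'] . ', col:' . $token['col'];
     // Guard the offset read: the non-greedy pattern can yield empty content.
     // For content starting with `{`, the brace stays outside the modifier
     // call and the rest of the content (trailing `}` included) goes inside —
     // NOTE(review): confirm this layout is what the engine expects.
     if ($value !== '' && $value[0] === '{') {
         return $instance->ld . '{' . $typeModifier . '(' . substr($value, 1) . ')' . $instance->rd;
     }
     return $instance->ld . $typeModifier . '(' . $value . ')' . $instance->rd;
 }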
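 /**
  * Check template output tags for missing XSS escaping and auto-fix them.
  *
  * The method has two calling modes:
  *  - `$token === true`: per-tag mode. `$type` is the full tag text (delimiters
  *    included) and `$instance` its inner content. The tag is tokenized and
  *    every `echo <expr>;` statement whose expression is not already escaped
  *    is rewritten to `echo <modifier>(<expr>);`.
  *  - otherwise: entry mode. `$token` is the template token (array with
  *    'value', 'line' and 'col'), `$type` its type and `$instance` the
  *    template engine instance (provides ld, rd, escapeLevel and options).
  *    Every `ld ... rd` tag in the token value is checked and rewritten.
  *    Returns array("value" => fixed text, "log" => messages, one per
  *    rewritten statement).
  *
  * The tag replacement used to go through preg_replace with the /e modifier,
  * which eval()'d text derived from the template (removed in PHP 7.0, and a
  * code-injection vector before that). It now uses preg_replace_callback, so
  * no template text is ever evaluated as PHP.
  *
  * @param bool|array $token
  * @param string $type
  * @param object|string|null $instance
  * @return string|array
  */
 public function xss($token, $type, $instance = null)
 {
     if ($token === true) {
         // Direct per-tag calls keep the old contract: the arguments may carry
         // the quote escaping that the former /e modifier applied, which
         // fixPregReplaceQuote reverses.
         $value = Fl_Static::fixPregReplaceQuote(trim($instance));
         $type = Fl_Static::fixPregReplaceQuote($type);
         return $this->escapeEchoStatements($type, $value);
     }
     $this->xssTmp = array("token" => $token, "type" => $type, "instance" => $instance, 'log' => array());
     // Non-greedy, case-insensitive match of each ld ... rd tag; `s` keeps
     // the original behaviour of letting a tag span lines.
     $tplPattern = "/(" . preg_quote($instance->ld, "/") . "(.*?)" . preg_quote($instance->rd, "/") . ")/is";
     // The callback receives the raw match, so no /e-style quote escaping has
     // to be undone here. NOTE(review): assumes Fl_Static::fixPregReplaceQuote
     // only reverses that escaping — confirm. preg_replace_callback returns
     // null on a PCRE error (e.g. backtrack limit), as preg_replace did.
     $value = preg_replace_callback($tplPattern, function ($m) {
         return $this->escapeEchoStatements($m[1], trim($m[2]));
     }, $token['value']);
     $log = $this->xssTmp['log'];
     $this->xssTmp = array();
     return array("value" => $value, "log" => $log);
 }

 /**
  * Rewrite each `echo <expr>;` statement of one tag so that <expr> is wrapped
  * in the escape modifier required for the tag's output type.
  *
  * The tag is split with token_get_all, so the delimiters are expected to be
  * PHP open/close tags (a statement ended by `?>` counts like one ended by
  * `;`). Reads $this->xssTmp (set up by xss() in entry mode): 'instance' for
  * the engine's escape levels and modifier names, 'token' for the position
  * reported in the log, 'log' to append messages to.
  *
  * Known limitation (pre-existing): `echo a, b;` is wrapped as one call.
  *
  * @param string $type  full tag text, delimiters included
  * @param string $value trimmed tag content
  * @return string the rewritten tag
  */
 private function escapeEchoStatements($type, $value)
 {
     $instance = $this->xssTmp['instance'];
     $result = array(); // token texts of the rewritten tag
     $tmp = array();    // token texts of the echo expression being collected
     $inEcho = false;
     foreach (token_get_all($type) as $tok) {
         if (is_array($tok)) {
             $tokenName = $tok[0];
             $tokenValue = $tok[1];
         } else {
             $tokenName = null;
             $tokenValue = $tok;
         }
         if ($tokenValue === ';' || $tokenName === T_CLOSE_TAG) {
             // Tokens concatenate back to the exact source text, so join with
             // '' — joining with ' ' altered interpolated string literals.
             $string = trim(join('', $tmp));
             // Always leave echo-collection mode at a statement end, even when
             // nothing was collected; otherwise the next statement's tokens
             // would be treated as echo output. Compare with '' rather than
             // empty(): `echo 0;` must not be dropped.
             $tmp = array();
             $inEcho = false;
             if ($string === '') {
                 $result[] = $tokenValue;
                 continue;
             }
             if ($this->isSafeVar($string)) {
                 return $type;
             }
             // NOTE(review): the modifier checks below run on the whole tag
             // content ($value), not on this statement ($string) — confirm
             // that is intended for tags holding several echo statements.
             $escapeType = $this->getXssType($value);
             $escapeLevels = $instance->escapeLevel;
             $level = $escapeLevels[$escapeType];
             foreach ($escapeLevels as $name => $l) {
                 if ($l > $level && strpos($value, $instance->options[$name]) !== false) {
                     return $type;
                 }
             }
             $typeModifier = $instance->options[$escapeType];
             if (strpos($value, $typeModifier) !== false) {
                 return $type;
             }
             // Position comes from the template token, not the loop token
             // (token_get_all entries carry no 'col').
             $tmpToken = $this->xssTmp['token'];
             $this->xssTmp['log'][] = '`' . $type . '` must be use ' . $typeModifier . ' to escape at line:' . $tmpToken['line'] . ', col:' . $tmpToken['col'];
             // The whitespace after `echo` was collected into $tmp and trimmed
             // away; put one space back so `echo` and the call stay separate.
             $result[] = ' ' . $typeModifier . '(' . $string . ')';
             $result[] = $tokenValue;
             continue;
         }
         if ($tokenName === T_ECHO) {
             $result[] = $tokenValue;
             $inEcho = true;
             continue;
         }
         if ($inEcho) {
             $tmp[] = $tokenValue;
         } else {
             $result[] = $tokenValue;
         }
     }
     return join('', $result);
 }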