コード例 #1
0
ファイル: Engine.php プロジェクト: CodingFabian/symfony
 protected function escapeParameters(array $parameters)
 {
     if (false !== $this->escaper) {
         Escaper::setCharset($this->getCharset());
         $parameters['_data'] = Escaper::escape($this->escaper, $parameters);
         foreach ($parameters['_data'] as $key => $value) {
             $parameters[$key] = $value;
         }
     } else {
         $parameters['_data'] = Escaper::escape('raw', $parameters);
     }
     return $parameters;
 }
コード例 #2
0
class OutputEscaperTest
{
  public function __toString()
  {
    return $this->getTitle();
  }

  public function getTitle()
  {
    return '<strong>escaped!</strong>';
  }

  public function getTitles()
  {
    return array(1, 2, '<strong>escaped!</strong>');
  }
}

$object = new OutputEscaperTest();
$escaped = Escaper::escape('entities', $object);

$t->is($escaped->getTitle(), '&lt;strong&gt;escaped!&lt;/strong&gt;', 'The escaped object behaves like the real object');

$array = $escaped->getTitles();
$t->is($array[2], '&lt;strong&gt;escaped!&lt;/strong&gt;', 'The escaped object behaves like the real object');

// __toString()
$t->diag('__toString()');

$t->is($escaped->__toString(), '&lt;strong&gt;escaped!&lt;/strong&gt;', 'The escaped object behaves like the real object');
コード例 #3
0
$t->diag('::unescape() unescapes strings');
$t->is(Escaper::unescape('&lt;strong&gt;escaped!&lt;/strong&gt;'), '<strong>escaped!</strong>', '::unescape() returns an unescaped string if the value to unescape is a string');
$t->is(Escaper::unescape('&lt;strong&gt;&eacute;chapp&eacute;&lt;/strong&gt;'), '<strong>échappé</strong>', '::unescape() returns an unescaped string if the value to unescape is a string');
$t->diag('::unescape() unescapes arrays');
$input = Escaper::escape('esc_entities', array('foo' => '<strong>escaped!</strong>', 'bar' => array('foo' => '<strong>escaped!</strong>')));
$output = Escaper::unescape($input);
$t->ok(is_array($output), '::unescape() returns an array if the input is a ArrayDecorator object');
$t->is($output['foo'], '<strong>escaped!</strong>', '::unescape() unescapes all elements of the original array');
$t->is($output['bar']['foo'], '<strong>escaped!</strong>', '::unescape() is recursive');
$t->diag('::unescape() unescapes objects');
$object = new OutputEscaperTestClass();
$input = Escaper::escape('esc_entities', $object);
$output = Escaper::unescape($input);
$t->ok($output instanceof OutputEscaperTestClass, '::unescape() returns the original object when a ObjectDecorator object is passed');
$t->is($output->getTitle(), '<strong>escaped!</strong>', '::unescape() unescapes all methods of the original object');
$t->is($output->title, '<strong>escaped!</strong>', '::unescape() unescapes all properties of the original object');
$t->is($output->getTitleTitle(), '<strong>escaped!</strong>', '::unescape() is recursive');
$t->ok(IteratorDecorator::unescape(Escaper::escape('esc_entities', new DirectoryIterator('.'))) instanceof DirectoryIterator, '::unescape() unescapes IteratorDecorator objects');
$t->diag('::unescape() does not unescape object marked as being safe');
$t->ok(Escaper::unescape(Escaper::escape('esc_entities', new Safe(new OutputEscaperTestClass()))) instanceof OutputEscaperTestClass, '::unescape() returns the original value if it is marked as being safe');
Escaper::markClassAsSafe('OutputEscaperTestClass');
$t->ok(Escaper::unescape(Escaper::escape('esc_entities', new OutputEscaperTestClass())) instanceof OutputEscaperTestClass, '::unescape() returns the original value if the object class is marked as being safe');
$t->ok(Escaper::unescape(Escaper::escape('esc_entities', new OutputEscaperTestClassChild())) instanceof OutputEscaperTestClassChild, '::unescape() returns the original value if one of the object parent class is marked as being safe');
$t->diag('::unescape() do nothing to resources');
$fh = fopen(__FILE__, 'r');
$t->is(Escaper::unescape($fh), $fh, '::unescape() do nothing to resources');
$t->diag('::unescape() unescapes mixed arrays');
$object = new OutputEscaperTestClass();
$input = array('foo' => 'bar', 'bar' => Escaper::escape('esc_entities', '<strong>bar</strong>'), 'foobar' => Escaper::escape('esc_entities', $object));
$output = array('foo' => 'bar', 'bar' => '<strong>bar</strong>', 'foobar' => $object);
$t->is(Escaper::unescape($input), $output, '::unescape() unescapes values with some escaped and unescaped values');
コード例 #4
0
ファイル: EscaperTest.php プロジェクト: CodingFabian/symfony
 public function testUnescapeUnescapesMixedArrays()
 {
     $object = new OutputEscaperTestClass();
     $input = array('foo' => 'bar', 'bar' => Escaper::escape('entities', '<strong>bar</strong>'), 'foobar' => Escaper::escape('entities', $object));
     $output = array('foo' => 'bar', 'bar' => '<strong>bar</strong>', 'foobar' => $object);
     $this->assertEquals(Escaper::unescape($input), $output, '::unescape() unescapes values with some escaped and unescaped values');
 }
コード例 #5
0
ファイル: EscaperTest.php プロジェクト: nicolasmartin/symfony
$t->is($output->getTitle(), '<strong>escaped!</strong>', '::unescape() unescapes all methods of the original object');
$t->is($output->title, '<strong>escaped!</strong>', '::unescape() unescapes all properties of the original object');
$t->is($output->getTitleTitle(), '<strong>escaped!</strong>', '::unescape() is recursive');

$t->ok(IteratorDecorator::unescape(Escaper::escape('entities', new DirectoryIterator('.'))) instanceof DirectoryIterator, '::unescape() unescapes IteratorDecorator objects');

$t->diag('::unescape() does not unescape object marked as being safe');
$t->ok(Escaper::unescape(Escaper::escape('entities', new Safe(new OutputEscaperTestClass()))) instanceof OutputEscaperTestClass, '::unescape() returns the original value if it is marked as being safe');

Escaper::markClassAsSafe('OutputEscaperTestClass');
$t->ok(Escaper::unescape(Escaper::escape('entities', new OutputEscaperTestClass())) instanceof OutputEscaperTestClass, '::unescape() returns the original value if the object class is marked as being safe');
$t->ok(Escaper::unescape(Escaper::escape('entities', new OutputEscaperTestClassChild())) instanceof OutputEscaperTestClassChild, '::unescape() returns the original value if one of the object parent class is marked as being safe');

$t->diag('::unescape() do nothing to resources');
$fh = fopen(__FILE__, 'r');
$t->is(Escaper::unescape($fh), $fh, '::unescape() do nothing to resources');

$t->diag('::unescape() unescapes mixed arrays');
$object = new OutputEscaperTestClass();
$input = array(
  'foo'    => 'bar',
  'bar'    => Escaper::escape('entities', '<strong>bar</strong>'),
  'foobar' => Escaper::escape('entities', $object),
);
$output = array(
  'foo'    => 'bar',
  'bar'    => '<strong>bar</strong>',
  'foobar' => $object,
);
$t->is(Escaper::unescape($input), $output, '::unescape() unescapes values with some escaped and unescaped values');
コード例 #6
0
 public static function setUpBeforeClass()
 {
     $object = new OutputEscaperTest();
     self::$escaped = Escaper::escape('entities', $object);
 }
コード例 #7
0
 public static function setUpBeforeClass()
 {
     $a = array('<strong>escaped!</strong>', 1, null, array(2, '<strong>escaped!</strong>'));
     self::$escaped = Escaper::escape('entities', $a);
 }
コード例 #8
0
<?php

/*
 * This file is part of the symfony package.
 *
 * (c) Fabien Potencier <*****@*****.**>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
require_once __DIR__ . '/../../../bootstrap.php';
use Symfony\Components\OutputEscaper\Escaper;
$t = new LimeTest(11);
$a = array('<strong>escaped!</strong>', 1, null, array(2, '<strong>escaped!</strong>'));
$escaped = Escaper::escape('esc_entities', $a);
// ->getRaw()
$t->diag('->getRaw()');
$t->is($escaped->getRaw(0), '<strong>escaped!</strong>', '->getRaw() returns the raw value');
// ArrayAccess interface
$t->diag('ArrayAccess interface');
$t->is($escaped[0], '&lt;strong&gt;escaped!&lt;/strong&gt;', 'The escaped object behaves like an array');
$t->is($escaped[2], null, 'The escaped object behaves like an array');
$t->is($escaped[3][1], '&lt;strong&gt;escaped!&lt;/strong&gt;', 'The escaped object behaves like an array');
$t->ok(isset($escaped[1]), 'The escaped object behaves like an array (isset)');
$t->diag('ArrayAccess interface is read only');
try {
    unset($escaped[0]);
    $t->fail('The escaped object is read only (unset)');
} catch (\LogicException $e) {
    $t->pass('The escaped object is read only (unset)');
}