/** * Magic PHP method that intercepts method calls, calls them on the objects * that is being escaped and escapes the result. * * The calling of the method is changed slightly to accommodate passing a * specific escaping strategy. An additional parameter is appended to the * argument list which is the escaping strategy. The decorator will remove * and use this parameter as the escaping strategy if it begins with 'esc_'. * * For example if an object, $o, implements methods a() and b($arg): * * $o->a() // Escapes the return value of a() * $o->a('esc_raw') // Uses the escaping strategy 'raw' with a() * $o->b('a') // Escapes the return value of b('a') * $o->b('a', 'esc_raw'); // Uses the escaping strategy 'raw' with b('a') * * @param string $method The method on the object to be called * @param array $args An array of arguments to be passed to the method * * @return mixed The escaped value returned by the method */ public function __call($method, $args) { if (count($args) > 0) { $escaper = $args[count($args) - 1]; if (is_string($escaper) && 'esc_' === substr($escaper, 0, 4)) { $escaper = substr($escaper, 4); array_pop($args); } else { $escaper = $this->escaper; } } else { $escaper = $this->escaper; } $value = call_user_func_array(array($this->value, $method), $args); return Escaper::escape($escaper, $value); }
/** * Returns the escaped value associated with the key supplied. * * Typically (using this implementation) the raw value is obtained using the * {@link getRaw()} method, escaped and the result returned. * * @param string $key The key to retieve * @param string $escapingMethod The escaping method (a PHP function) to use * * @return mixed The escaped value */ public function get($key, $escapingMethod = null) { if (!$escapingMethod) { $escapingMethod = $this->escapingMethod; } return Escaper::escape($escapingMethod, $this->getRaw($key)); }
/** * Returns the escaped value associated with the key supplied. * * Typically (using this implementation) the raw value is obtained using the * {@link getRaw()} method, escaped and the result returned. * * @param string $key The key to retrieve * @param string $escaper The escaping method (a PHP function) to use * * @return mixed The escaped value */ public function get($key, $escaper = null) { if (!$escaper) { $escaper = $this->escaper; } return Escaper::escape($escaper, $this->getRaw($key)); }
/** * Magic PHP method that intercepts method calls, calls them on the objects * that is being escaped and escapes the result. * * The calling of the method is changed slightly to accommodate passing a * specific escaping strategy. An additional parameter is appended to the * argument list which is the escaping strategy. The decorator will remove * and use this parameter as the escaping strategy if it begins with 'esc_' * (the prefix all escaping helper functions have). * * For example if an object, $o, implements methods a() and b($arg): * * $o->a() // Escapes the return value of a() * $o->a(ESC_RAW) // Uses the escaping method ESC_RAW with a() * $o->b('a') // Escapes the return value of b('a') * $o->b('a', ESC_RAW); // Uses the escaping method ESC_RAW with b('a') * * @param string $method The method on the object to be called * @param array $args An array of arguments to be passed to the method * * @return mixed The escaped value returned by the method */ public function __call($method, $args) { if (count($args) > 0) { $escapingMethod = $args[count($args) - 1]; if (is_string($escapingMethod) && substr($escapingMethod, 0, 4) === 'esc_') { array_pop($args); } else { $escapingMethod = $this->escapingMethod; } } else { $escapingMethod = $this->escapingMethod; } $value = call_user_func_array(array($this->value, $method), $args); return Escaper::escape($escapingMethod, $value); }
/** * Register autoescaping on template variables. * * @param \greebo\essence\Event $event */ static function register(\greebo\essence\Event $event) { $event->connect('template.slots', function ($template, $slots) { foreach ($slots as $name => $slot) { $slots[$name] = Escaper::escape($slot, $template->escaper()); } return $slots; }); }
/** * Returns the element associated with the offset supplied (as required by the ArrayAccess interface). * * @param string $offset The offset of the value to get * * @return mixed The escaped value */ public function offsetGet($offset) { return Escaper::escape($this->escaper, $this->value[$offset]); }
/** * Escapes a key from the array using the specified escaper. * * @param string $key The array key * @param string $escaper The escaping strategy prefixed with esc_ (see __call()) */ public function getEscapedKey($key, $escaper) { return Escaper::escape(substr($escaper, 4), $this->value[$key]); }
/** * Escapes and gets the current element (as required by the Iterator interface). * * @return mixed The escaped value */ public function current() { return Escaper::escape($this->escaper, $this->iterator->current()); }
/** * Object method call. * * Return the escaped value of the property. * * @param string $name * @return mixed */ function __call($method, $args) { return Escaper::escape(call_user_func_array(array($this->value, $method), $args), $this->escaper); }