| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  | <?php | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | /* | 
					
						
							|  |  |  |  * This file is part of Twig. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * (c) 2009 Fabien Potencier | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * For the full copyright and license information, please view the LICENSE | 
					
						
							|  |  |  |  * file that was distributed with this source code. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | class Twig_Extension_Escaper extends Twig_Extension | 
					
						
							|  |  |  | { | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |     protected $defaultStrategy; | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |     public function __construct($defaultStrategy = 'html') | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |         $this->setDefaultStrategy($defaultStrategy); | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Returns the token parser instances to add to the existing list. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return array An array of Twig_TokenParserInterface or Twig_TokenParserBrokerInterface instances | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getTokenParsers() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return array(new Twig_TokenParser_AutoEscape()); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Returns the node visitor instances to add to the existing list. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return array An array of Twig_NodeVisitorInterface instances | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getNodeVisitors() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return array(new Twig_NodeVisitor_Escaper()); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Returns a list of filters to add to the existing list. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return array An array of filters | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getFilters() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return array( | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |             new Twig_SimpleFilter('raw', 'twig_raw_filter', array('is_safe' => array('all'))), | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  |         ); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Sets the default strategy to use when not defined by the user. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * The strategy can be a valid PHP callback that takes the template | 
					
						
							|  |  |  |      * "filename" as an argument and returns the strategy to use. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param mixed $defaultStrategy An escaping strategy | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function setDefaultStrategy($defaultStrategy) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         // for BC
 | 
					
						
							|  |  |  |         if (true === $defaultStrategy) { | 
					
						
							|  |  |  |             $defaultStrategy = 'html'; | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         $this->defaultStrategy = $defaultStrategy; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Gets the default strategy to use when not defined by the user. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param string $filename The template "filename" | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return string The default strategy to use for the template | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getDefaultStrategy($filename) | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2013-08-01 15:20:12 -04:00
										 |  |  |         // disable string callables to avoid calling a function named html or js,
 | 
					
						
							|  |  |  |         // or any other upcoming escaping strategy
 | 
					
						
							|  |  |  |         if (!is_string($this->defaultStrategy) && is_callable($this->defaultStrategy)) { | 
					
						
							|  |  |  |             return call_user_func($this->defaultStrategy, $filename); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $this->defaultStrategy; | 
					
						
							| 
									
										
										
										
											2011-10-05 15:22:53 +11:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Returns the name of the extension. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @return string The extension name | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getName() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return 'escaper'; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | /** | 
					
						
							|  |  |  |  * Marks a variable as being safe. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * @param string $string A PHP variable | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | function twig_raw_filter($string) | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |     return $string; | 
					
						
							|  |  |  | } |