Diffstat (limited to 'ratatoeskr/sys')
-rw-r--r--ratatoeskr/sys/Esc.php22
-rw-r--r--ratatoeskr/sys/translation.php4
-rw-r--r--ratatoeskr/sys/utils.php18
3 files changed, 34 insertions, 10 deletions
diff --git a/ratatoeskr/sys/Esc.php b/ratatoeskr/sys/Esc.php
new file mode 100644
index 0000000..eaefc10
--- /dev/null
+++ b/ratatoeskr/sys/Esc.php
@@ -0,0 +1,22 @@
+<?php
+
+
+namespace r7r\cms\sys;
+
+class Esc
+{
+ public const HTML = 1;
+ public const NL2BR = 2;
+ public const HTML_WITH_BR = self::HTML | self::NL2BR;
+
+ public static function esc(string $s, int $flags = self::HTML): string
+ {
+ if ($flags & self::HTML) {
+ $s = htmlspecialchars($s, ENT_QUOTES, "UTF-8");
+ }
+ if ($flags & self::NL2BR) {
+ $s = nl2br($s);
+ }
+ return $s;
+ }
+}
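Review bot: The `htmlspecialchars($s, ENT_QUOTES, "UTF-8")` call in `Esc::esc()` returns an empty string when `$s` contains an invalid UTF-8 sequence, because passing explicit flags without `ENT_SUBSTITUTE` leaves substitution off, so the whole value silently disappears from the output. I would change the line to `$s = htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");`. The class and its constants also have no doc comment. It should say that `NL2BR` on its own inserts `<br />` without escaping anything, so only `HTML` and `HTML_WITH_BR` are suitable for untrusted text. It should also say that the result is meant for HTML text and quoted attribute values, not for script or URL contexts.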
diff --git a/ratatoeskr/sys/translation.php b/ratatoeskr/sys/translation.php
index fd494c1..0679ca7 100644
--- a/ratatoeskr/sys/translation.php
+++ b/ratatoeskr/sys/translation.php
@@ -9,6 +9,8 @@
* See "ratatoeskr/licenses/ratatoeskr" for more information.
*/
+use r7r\cms\sys\Esc;
+
require_once(dirname(__FILE__) . "/utils.php");
require_once(dirname(__FILE__) . "/init_ste.php");
@@ -28,7 +30,7 @@ if (!defined("TRANSLATION_PLUGIN_LOADED")) {
return "";
}
$rv = $translation[$params["for"]];
- return (!empty($params["raw"])) ? $rv : htmlesc($rv);
+ return (!empty($params["raw"])) ? $rv : Esc::esc($rv);
}
);
define("TRANSLATION_PLUGIN_LOADED", true);
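Review bot: The `raw` branch on the changed line still returns `$rv` without any escaping, and nothing at the call site says so. A short comment above the return would help, for example `// "raw" skips Esc::esc(): only use it for translation strings that are trusted markup`. The enclosing closure starts outside this hunk, so whether `$params["for"]` is validated before the lookup cannot be judged from here.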
diff --git a/ratatoeskr/sys/utils.php b/ratatoeskr/sys/utils.php
index a285bcd..8a848eb 100644
--- a/ratatoeskr/sys/utils.php
+++ b/ratatoeskr/sys/utils.php
@@ -22,6 +22,9 @@
*
* An array with $val $n-times repeated.
*/
+
+use r7r\cms\sys\Esc;
+
function array_repeat($val, $n)
{
$rv = [];
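Review bot: The added `use r7r\cms\sys\Esc;` sits between the comment block that documents `array_repeat()` and the function itself, so that description no longer directly precedes the code it describes. Move the import above the comment, next to the file header, as the same commit does in translation.php. The top of utils.php is outside this hunk, so the exact position needs checking there.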
@@ -40,19 +43,16 @@ function intcmp($a, $b)
return ($a == $b) ? 0 : (($a < $b) ? -1 : 1);
}
-/*
- * Function: htmlesc
+/**
* Escape HTML (shorter than htmlspecialchars)
*
- * Parameters:
- * $text - Input text.
- *
- * Returns:
- * HTML
+ * @param mixed $text Input text
+ * @return string HTML
+ * @deprecated Use {@see Esc::esc()} instead.
*/
-function htmlesc($text)
+function htmlesc($text): string
{
- return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
+ return Esc::esc($text);
}
/*
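Review bot: `htmlesc()` is documented as `@param mixed $text` but now forwards to `Esc::esc(string $s, ...)`, so a `null` argument that the old `htmlspecialchars()` call turned into an empty string now raises a `TypeError` inside the wrapper. Since this function is kept only for existing callers, I would preserve the old tolerance with `return Esc::esc((string)$text);`, or else narrow the doc to `@param string $text`. The callers are outside this diff, so whether any of them pass `null` (for instance an unset field) needs to be checked before choosing.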