[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pecl-cvs
Subject:    [PECL-CVS] cvs: pecl(FULMAR) /sdo/SCA SCA_Helper.php
From:       "Caroline Maynard" <cem () php ! net>
Date:       2007-11-30 10:34:51
Message-ID: cvscem1196418891 () cvsserver
[Download RAW message or body]

cem		Fri Nov 30 10:34:51 2007 UTC

  Modified files:              (Branch: FULMAR)
    /pecl/sdo/SCA	SCA_Helper.php 
  Log:
  htmlspecialchars wrapper for xml data
  
http://cvs.php.net/viewvc.cgi/pecl/sdo/SCA/SCA_Helper.php?r1=1.7.4.4&r2=1.7.4.5&diff_format=u
Index: pecl/sdo/SCA/SCA_Helper.php
diff -u pecl/sdo/SCA/SCA_Helper.php:1.7.4.4 pecl/sdo/SCA/SCA_Helper.php:1.7.4.5
--- pecl/sdo/SCA/SCA_Helper.php:1.7.4.4	Thu Nov 22 18:15:57 2007
+++ pecl/sdo/SCA/SCA_Helper.php	Fri Nov 30 10:34:51 2007
@@ -23,14 +23,14 @@
 |         Caroline Maynard,                                                   |
 |         Simon Laws                                                          |
 +-----------------------------------------------------------------------------+
-$Id: SCA_Helper.php,v 1.7.4.4 2007/11/22 18:15:57 mfp Exp $
+$Id: SCA_Helper.php,v 1.7.4.5 2007/11/30 10:34:51 cem Exp $
 */
 
 require "SCA/SCA_Exceptions.php";
 
 if ( ! class_exists('SCA_Helper', false) ) {
     class SCA_Helper {
-
+        
         private static $tmpdir;
 
         public static function guessClassName($class_file)
@@ -476,6 +476,33 @@
             }
         }        
 
+        private static $CD_START = '<![CDATA[';
+        private static $CD_END = ']]>';
+        
+        /**
+         * Escapes HTML special chars, excluding data in CDATA sections,
+         * and avoiding double-escaping (that is, &amp; does NOT become &amp;amp;)
+         */
+        public static function encodeXmlData($raw = "")
+        {
+
+            if (!preg_match('/[&\'\"\<\>]/', $raw))
+                return $raw;
+
+            $out = "";
+            $remaining = $raw;
+            while (($cdata_pos = strpos($remaining, CD_START)) !== FALSE) {
+                $out .= htmlspecialchars(substr($remaining, 0, $cdata_pos), 
+                        ENT_QUOTES, NULL, 0);
+                $remaining = substr($remaining, $cdata_pos);
+                $cd_end_pos = strlen(CD_END) + strpos($remaining, CD_END);
+                $out .= substr($remaining, 0, $cd_end_pos);
+                $remaining = substr($remaining, $cd_end_pos);
+            }
+            $out .= htmlspecialchars($remaining, ENT_QUOTES, NULL, 0);
+            return $out;
+        }
+        
     }/* End SCA_Helper class                                                       */
 
 }/* End instance check                                                             */

-- 
PECL CVS Mailing List 
To unsubscribe, visit: http://www.php.net/unsub.php

[prev in list] [next in list] [prev in thread] [next in thread]