function twig_escape_filter in Translation template extractor 6.3

Same name and namespace in other branches

1. 7.3 vendor/Twig/Extension/Core.php \twig_escape_filter()

Escapes a string.

Parameters

Twig_Environment $env A Twig_Environment instance:

string $string The value to be escaped:

string $strategy The escaping strategy:

string $charset The charset:

bool $autoescape Whether the function is called by the auto-escaping feature (true) or by the developer (false):

1 string reference to 'twig_escape_filter'

Twig_Extension_Core::getFilters in vendor/Twig/Extension/Core.php

Returns a list of filters to add to the existing list.

File

vendor/Twig/Extension/Core.php, line 956

Code

function twig_escape_filter(Twig_Environment $env, $string, $strategy = 'html', $charset = null, $autoescape = false) {
  if ($autoescape && $string instanceof Twig_Markup) {
    return $string;
  }
  if (!is_string($string)) {
    if (is_object($string) && method_exists($string, '__toString')) {
      $string = (string) $string;
    }
    else {
      return $string;
    }
  }
  if (null === $charset) {
    $charset = $env
      ->getCharset();
  }
  switch ($strategy) {
    case 'html':

      // see http://php.net/htmlspecialchars
      // Using a static variable to avoid initializing the array
      // each time the function is called. Moving the declaration on the
      // top of the function slow downs other escaping strategies.
      static $htmlspecialcharsCharsets;
      if (null === $htmlspecialcharsCharsets) {
        if (defined('HHVM_VERSION')) {
          $htmlspecialcharsCharsets = array(
            'utf-8' => true,
            'UTF-8' => true,
          );
        }
        else {
          $htmlspecialcharsCharsets = array(
            'ISO-8859-1' => true,
            'ISO8859-1' => true,
            'ISO-8859-15' => true,
            'ISO8859-15' => true,
            'utf-8' => true,
            'UTF-8' => true,
            'CP866' => true,
            'IBM866' => true,
            '866' => true,
            'CP1251' => true,
            'WINDOWS-1251' => true,
            'WIN-1251' => true,
            '1251' => true,
            'CP1252' => true,
            'WINDOWS-1252' => true,
            '1252' => true,
            'KOI8-R' => true,
            'KOI8-RU' => true,
            'KOI8R' => true,
            'BIG5' => true,
            '950' => true,
            'GB2312' => true,
            '936' => true,
            'BIG5-HKSCS' => true,
            'SHIFT_JIS' => true,
            'SJIS' => true,
            '932' => true,
            'EUC-JP' => true,
            'EUCJP' => true,
            'ISO8859-5' => true,
            'ISO-8859-5' => true,
            'MACROMAN' => true,
          );
        }
      }
      if (isset($htmlspecialcharsCharsets[$charset])) {
        return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, $charset);
      }
      if (isset($htmlspecialcharsCharsets[strtoupper($charset)])) {

        // cache the lowercase variant for future iterations
        $htmlspecialcharsCharsets[$charset] = true;
        return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, $charset);
      }
      $string = twig_convert_encoding($string, 'UTF-8', $charset);
      $string = htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      return twig_convert_encoding($string, $charset, 'UTF-8');
    case 'js':

      // escape all non-alphanumeric characters
      // into their \xHH or \uHHHH representations
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, 'UTF-8', $charset);
      }
      if (0 == strlen($string) ? false : (1 == preg_match('/^./su', $string) ? false : true)) {
        throw new Twig_Error_Runtime('The string to escape is not a valid UTF-8 string.');
      }
      $string = preg_replace_callback('#[^a-zA-Z0-9,\\._]#Su', '_twig_escape_js_callback', $string);
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, $charset, 'UTF-8');
      }
      return $string;
    case 'css':
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, 'UTF-8', $charset);
      }
      if (0 == strlen($string) ? false : (1 == preg_match('/^./su', $string) ? false : true)) {
        throw new Twig_Error_Runtime('The string to escape is not a valid UTF-8 string.');
      }
      $string = preg_replace_callback('#[^a-zA-Z0-9]#Su', '_twig_escape_css_callback', $string);
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, $charset, 'UTF-8');
      }
      return $string;
    case 'html_attr':
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, 'UTF-8', $charset);
      }
      if (0 == strlen($string) ? false : (1 == preg_match('/^./su', $string) ? false : true)) {
        throw new Twig_Error_Runtime('The string to escape is not a valid UTF-8 string.');
      }
      $string = preg_replace_callback('#[^a-zA-Z0-9,\\.\\-_]#Su', '_twig_escape_html_attr_callback', $string);
      if ('UTF-8' != $charset) {
        $string = twig_convert_encoding($string, $charset, 'UTF-8');
      }
      return $string;
    case 'url':

      // hackish test to avoid version_compare that is much slower, this works unless PHP releases a 5.10.*
      // at that point however PHP 5.2.* support can be removed
      if (PHP_VERSION < '5.3.0') {
        return str_replace('%7E', '~', rawurlencode($string));
      }
      return rawurlencode($string);
    default:
      static $escapers;
      if (null === $escapers) {
        $escapers = $env
          ->getExtension('core')
          ->getEscapers();
      }
      if (isset($escapers[$strategy])) {
        return call_user_func($escapers[$strategy], $env, $string, $charset);
      }
      $validStrategies = implode(', ', array_merge(array(
        'html',
        'js',
        'url',
        'css',
        'html_attr',
      ), array_keys($escapers)));
      throw new Twig_Error_Runtime(sprintf('Invalid escaping strategy "%s" (valid ones: %s).', $strategy, $validStrategies));
  }
}