Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
typo3
qfq
Commits
d999c6f3
Commit
d999c6f3
authored
Mar 19, 2017
by
Carsten Rose
Browse files
Evaluate.php: Two new escape options 'l' and 'L'. Multiple escaping for one value now possible.
parent
f287852c
Changes
2
Hide whitespace changes
Inline
Side-by-side
extension/qfq/qfq/Evaluate.php
View file @
d999c6f3
...
...
@@ -13,6 +13,7 @@ use qfq\Store;
require_once
(
__DIR__
.
'/../qfq/store/Store.php'
);
require_once
(
__DIR__
.
'/../qfq/Database.php'
);
require_once
(
__DIR__
.
'/helper/Support.php'
);
/**
* Class Evaluate
...
...
@@ -70,7 +71,7 @@ class Evaluate {
$value
=
trim
(
$value
);
// Skip comments.
if
(
substr
(
$value
,
0
,
1
)
!=
'#'
)
{
if
(
substr
(
$value
,
0
,
1
)
!=
'#'
)
{
$arr
[
$key
]
=
$this
->
parse
(
$value
,
0
,
$debugStack
);
}
}
...
...
@@ -206,15 +207,25 @@ class Evaluate {
// escape ticks
if
(
is_string
(
$value
))
{
switch
(
$arr
[
3
])
{
case
TOKEN_ESCAPE_SINGLE_TICK
:
$value
=
str_replace
(
"'"
,
"
\\
'"
,
$value
);
break
;
case
TOKEN_ESCAPE_DOUBLE_TICK
:
$value
=
str_replace
(
'"'
,
'\\"'
,
$value
);
break
;
default
:
break
;
// Process all escape requests in the given order.
for
(
$ii
=
0
;
$ii
<
strlen
(
$arr
[
3
]);
$ii
++
)
{
$escape
=
$arr
[
3
][
$ii
];
switch
(
$escape
)
{
case
TOKEN_ESCAPE_SINGLE_TICK
:
$value
=
str_replace
(
"'"
,
"
\\
'"
,
$value
);
break
;
case
TOKEN_ESCAPE_DOUBLE_TICK
:
$value
=
str_replace
(
'"'
,
'\\"'
,
$value
);
break
;
case
TOKEN_LDAP_ESCAPE_FILTER
:
$value
=
Support
::
ldap_escape
(
$value
,
null
,
LDAP_ESCAPE_FILTER
);
break
;
case
TOKEN_LDAP_ESCAPE_DN
:
$value
=
Support
::
ldap_escape
(
$value
,
null
,
LDAP_ESCAPE_DN
);
break
;
default
:
break
;
}
}
}
...
...
extension/qfq/tests/phpunit/EvaluateTest.php
View file @
d999c6f3
...
...
@@ -322,6 +322,40 @@ class EvaluateTest extends \AbstractDatabaseTest {
$this
->
assertEquals
(
'h\"e\' \'l\"lo \' '
,
$eval
->
substitute
(
'a:F:all:d'
,
$foundInStore
));
$this
->
assertEquals
(
STORE_FORM
,
$foundInStore
);
//---
$this
->
store
->
setVar
(
'a'
,
' hello world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hello world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' hel\lo world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hel\5clo world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' hel*lo world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hel\2alo world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' hel(lo world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hel\28lo world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' hel)lo world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hel\29lo world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
" hel
\x00
lo world "
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' hel\00lo world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' h\e*l(l)o world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
' h\5ce\2al\28l\29o world '
,
$eval
->
substitute
(
'a:F:all:l'
,
$foundInStore
));
// LDAP_ESCAPE_FILTER => array('\\', '*', '(', ')', "\x00"),
// LDAP_ESCAPE_DN => array('\\', ',', '=', '+', '<', '>', ';', '"', '#'),
$this
->
store
->
setVar
(
'a'
,
' hello world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
'\20hello world\20'
,
$eval
->
substitute
(
'a:F:all:L'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
'h\e,l=l+o< >w;o"r#ld'
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
'h\5ce\2cl\3dl\2bo\3c \3ew\3bo\22r\23ld'
,
$eval
->
substitute
(
'a:F:all:L'
,
$foundInStore
));
$this
->
store
->
setVar
(
'a'
,
' hel;lo world '
,
STORE_FORM
,
true
);
$this
->
assertEquals
(
'\20hel\3blo world\20'
,
$eval
->
substitute
(
'a:F:all:sL'
,
$foundInStore
));
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment