Skip to content

GitLab

Commit d999c6f3 authored by Carsten Rose's avatar Carsten Rose
Browse files

Evaluate.php: Two new escape options 'l' and 'L'. Multiple escaping for one value now possible.

parent f287852c
Hide whitespace changes
Inline Side-by-side
extension/qfq/qfq/Evaluate.php
View file @ d999c6f3
......@@ -13,6 +13,7 @@ use qfq\Store;
require_once(__DIR__ . '/../qfq/store/Store.php');
require_once(__DIR__ . '/../qfq/Database.php');
require_once(__DIR__ . '/helper/Support.php');
/**
* Class Evaluate
......@@ -70,7 +71,7 @@ class Evaluate {
$value = trim($value);
// Skip comments.
if(substr($value,0,1)!='#') {
if (substr($value, 0, 1) != '#') {
$arr[$key] = $this->parse($value, 0, $debugStack);
}
}
......@@ -206,15 +207,25 @@ class Evaluate {
// escape ticks
if (is_string($value)) {
switch ($arr[3]) {
case TOKEN_ESCAPE_SINGLE_TICK:
$value = str_replace("'", "\\'", $value);
break;
case TOKEN_ESCAPE_DOUBLE_TICK:
$value = str_replace('"', '\\"', $value);
break;
default:
break;
// Process all escape requests in the given order.
for ($ii = 0; $ii < strlen($arr[3]); $ii++) {
$escape = $arr[3][$ii];
switch ($escape) {
case TOKEN_ESCAPE_SINGLE_TICK:
$value = str_replace("'", "\\'", $value);
break;
case TOKEN_ESCAPE_DOUBLE_TICK:
$value = str_replace('"', '\\"', $value);
break;
case TOKEN_LDAP_ESCAPE_FILTER:
$value = Support::ldap_escape($value, null, LDAP_ESCAPE_FILTER);
break;
case TOKEN_LDAP_ESCAPE_DN:
$value = Support::ldap_escape($value, null, LDAP_ESCAPE_DN);
break;
default:
break;
}
}
}
......
extension/qfq/tests/phpunit/EvaluateTest.php
View file @ d999c6f3
......@@ -322,6 +322,40 @@ class EvaluateTest extends \AbstractDatabaseTest {
$this->assertEquals('h\"e\' \'l\"lo \' ', $eval->substitute('a:F:all:d', $foundInStore));
$this->assertEquals(STORE_FORM, $foundInStore);
//---
$this->store->setVar('a', ' hello world ', STORE_FORM, true);
$this->assertEquals(' hello world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', ' hel\lo world ', STORE_FORM, true);
$this->assertEquals(' hel\5clo world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', ' hel*lo world ', STORE_FORM, true);
$this->assertEquals(' hel\2alo world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', ' hel(lo world ', STORE_FORM, true);
$this->assertEquals(' hel\28lo world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', ' hel)lo world ', STORE_FORM, true);
$this->assertEquals(' hel\29lo world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', " hel\x00lo world ", STORE_FORM, true);
$this->assertEquals(' hel\00lo world ', $eval->substitute('a:F:all:l', $foundInStore));
$this->store->setVar('a', ' h\e*l(l)o world ', STORE_FORM, true);
$this->assertEquals(' h\5ce\2al\28l\29o world ', $eval->substitute('a:F:all:l', $foundInStore));
// LDAP_ESCAPE_FILTER => array('\\', '*', '(', ')', "\x00"),
// LDAP_ESCAPE_DN => array('\\', ',', '=', '+', '<', '>', ';', '"', '#'),
$this->store->setVar('a', ' hello world ', STORE_FORM, true);
$this->assertEquals('\20hello world\20', $eval->substitute('a:F:all:L', $foundInStore));
$this->store->setVar('a', 'h\e,l=l+o< >w;o"r#ld', STORE_FORM, true);
$this->assertEquals('h\5ce\2cl\3dl\2bo\3c \3ew\3bo\22r\23ld', $eval->substitute('a:F:all:L', $foundInStore));
$this->store->setVar('a', ' hel;lo world ', STORE_FORM, true);
$this->assertEquals('\20hel\3blo world\20', $eval->substitute('a:F:all:sL', $foundInStore));
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment