mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

[ticket/13847] Changed enquote() logic to use whichever is the shortest

Browse Source 
Will enclose attribute values in single- or double- quotes depending on
whichever requires the least escaping. Characters that need to be escaped
are always escaped regardless.

PHPBB3-13847
This commit is contained in:
JoshyPHP
2015-05-19 23:10:35 +02:00
parent 8a077e0e94
commit e50d9186ce
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/phpbb/textformatter/s9e/utils.php
View File

@@ -37,7 +37,7 @@ class utils implements \phpbb\textformatter\utils_interface
/**
* Return given string between quotes
*
* Will use either single- or double- quotes depending on whichever requires to be escaped.
* Will use either single- or double- quotes depending on whichever requires less escaping.
* Quotes and backslashes are escaped with backslashes where necessary
*
* @param string $str Original string
@@ -45,9 +45,10 @@ class utils implements \phpbb\textformatter\utils_interface
*/
protected function enquote($str)
{
$quote = (strpos($str, '"') === false || strpos($str, "'") !== false) ? '"' : "'";
$singleQuoted = "'" . addcslashes($str, "\\'") . "'";
$doubleQuoted = '"' . addcslashes($str, '\\"') . '"';
return $quote . addcslashes($str, '\\' . $quote) . $quote;
return (strlen($singleQuoted) < strlen($doubleQuoted)) ? $singleQuoted : $doubleQuoted;
}
/**