Dear HTML::Template users!
I wrote extentions for ESCAPE=XXXXX of TMPL_VAR with H::T 2.6.
Please review and merge!
1. ESCAPE=BR
keep CR/LF with <BR> and *NOT* HTML encoding.
This is useful for BBS(only XSS safe site, e.g. announcement,
in-company use(anchor saved), etc...).
2. ESCAPE=HTML_BR
keep CR/LF with <BR> and HTML encoding.
This is useful for BBS and an enquate use. Typicaly, I use ESCAPE=
HTML_BR with DISPLAY and ESCAPE=HTML with <INPUT type="hidden">.
It's mostly useful.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
<!-- TMPL_VAR ESCAPE=HTML_BR name="PARAM" -->
<INPUT type="hidden" name="PARAM" value="<TMPL_VAR ESCAPE=HTML name=PARAM>">
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3. ESCAPE=BASE64
MIME::Base64 encoding. I used it for parameter passing, while I
made ESCAPE=HTML_BR. Now:-), I didn't know useful for.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--- Template.pm.orig Fri Aug 30 05:39:18 2002
+++ Template.pm Tue Nov 12 20:17:04 2002
@@ -881,6 +881,7 @@
use integer; # no floating point math so far!
use strict; # and no funny business, either.
+use MIME::Base64; # base64 encoder
use Carp; # generate better errors with more context
use File::Spec; # generate paths that work on all platforms
@@ -1735,8 +1736,11 @@
]);
(*fname, *fcounter, *fmax) = \ ( @{$fstack[0]} );
+ my $BR = HTML::Template::BR->new();
my $NOOP = HTML::Template::NOOP->new();
+ my $BASE64 = HTML::Template::Base64->new();
my $ESCAPE = HTML::Template::ESCAPE->new();
+ my $ESCAPE_BR = HTML::Template::ESCAPE_BR->new();
my $URLESCAPE = HTML::Template::URLESCAPE->new();
# all the tags that need NAMEs:
@@ -1815,6 +1819,15 @@
(?:[Uu][Rr][Ll]) |
(?:"[Uu][Rr][Ll]") |
(?:'[Uu][Rr][Ll]') |
+ (?:[Bb][Rr]) |
+ (?:"[Bb][Rr]") |
+ (?:'[Bb][Rr]') |
+ (?:[Bb][Aa][Ss][Ee]64) |
+ (?:"[Bb][Aa][Ss][Ee]64") |
+ (?:'[Bb][Aa][Ss][Ee]64') |
+ (?:[Hh][Tt][Mm][Ll][-_][Bb][Rr]) |
+ (?:"[Hh][Tt][Mm][Ll][-_][Bb][Rr]") |
+ (?:'[Hh][Tt][Mm][Ll][-_][Bb][Rr]') |
) # $5 => ESCAPE on
)
)* # allow multiple ESCAPEs
@@ -1882,6 +1895,15 @@
(?:[Uu][Rr][Ll]) |
(?:"[Uu][Rr][Ll]") |
(?:'[Uu][Rr][Ll]') |
+ (?:[Bb][Rr]) |
+ (?:"[Bb][Rr]") |
+ (?:'[Bb][Rr]') |
+ (?:[Bb][Aa][Ss][Ee]64) |
+ (?:"[Bb][Aa][Ss][Ee]64") |
+ (?:'[Bb][Aa][Ss][Ee]64') |
+ (?:[Hh][Tt][Mm][Ll][-_][Bb][Rr]) |
+ (?:"[Hh][Tt][Mm][Ll][-_][Bb][Rr]") |
+ (?:'[Hh][Tt][Mm][Ll][-_][Bb][Rr]') |
) # $15 => ESCAPE on
)
)* # allow multiple ESCAPEs
@@ -1966,6 +1988,12 @@
if ($escape) {
if ($escape =~ /^"?[Uu][Rr][Ll]"?$/) {
push(@pstack, $URLESCAPE);
+ } elsif($escape =~ /^"?[Bb][Rr]"?$/) {
+ push(@pstack, $BR);
+ } elsif($escape =~ /^"?[Bb][Aa][Ss][Ee]64"?$/) {
+ push(@pstack, $BASE64);
+ } elsif($escape =~ /^"?[Hh][Tt][Mm][Ll][-_][Bb][Rr]"?$/) {
+ push(@pstack, $ESCAPE_BR);
} else {
push(@pstack, $ESCAPE);
}
@@ -2647,6 +2675,40 @@
}
} elsif ($type eq 'HTML::Template::NOOP') {
next;
+
+ } elsif ($type eq 'HTML::Template::BR' ) {
+ $x++;
+ *line = \$parse_stack[$x];
+ if (defined($$line)) {
+ my $toencode = $$line;
+ $toencode=~s/(\r?\n)/<BR>$1/g;
+ $result .= $toencode;
+ }
+ next;
+
+ } elsif ($type eq 'HTML::Template::Base64' ) {
+ $x++;
+ *line = \$parse_stack[$x];
+ if (defined($$line)) {
+ $result .= encode_base64($$line, "");
+ }
+ next;
+ } elsif ($type eq 'HTML::Template::ESCAPE_BR') {
+ $x++;
+ *line = \$parse_stack[$x];
+ if (defined($$line)) {
+ my $toencode = $$line;
+ # straight from the CGI.pm bible.
+ $toencode=~s/&/&/g;
+ $toencode=~s/\"/"/g; #"
+ $toencode=~s/>/>/g;
+ $toencode=~s/</</g;
+ $toencode=~s/'/'/g; #'
+ $toencode=~s/(\r?\n)/<BR>$1/g;
+ $result .= $toencode;
+ }
+ next;
+
} elsif ($type eq 'HTML::Template::DEFAULT') {
$_ = $x; # remember default place in stack
@@ -2935,6 +2997,30 @@
}
package HTML::Template::ESCAPE;
+sub new {
+ my $unused;
+ my $self = \$unused;
+ bless($self, $_[0]);
+ return $self;
+}
+
+package HTML::Template::BR;
+sub new {
+ my $unused;
+ my $self = \$unused;
+ bless($self, $_[0]);
+ return $self;
+}
+
+package HTML::Template::Base64;
+sub new {
+ my $unused;
+ my $self = \$unused;
+ bless($self, $_[0]);
+ return $self;
+}
+
+package HTML::Template::ESCAPE_BR;
sub new {
my $unused;
my $self = \$unused;
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing
your web site with SSL, click here to get a FREE TRIAL of a Thawte
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Html-template-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/html-template-users
