[CakePHP : The Rapid Development Framework for PHP] #6267: JavascriptHelper::escapeString() improvements

Mon, 06 Apr 2009 12:52:19 -0700 

#6267: JavascriptHelper::escapeString() improvements
-----------------------------+----------------------------------------------
    Reporter:  danielaraujo  |          Type:  Bug    
      Status:  new           |      Priority:  Medium 
   Milestone:  1.2.x.x       |     Component:  Helpers
     Version:  1.2 Final     |      Severity:  Normal 
    Keywords:                |   Php_version:  n/a    
Cake_version:                |  
-----------------------------+----------------------------------------------
 Two situations when a string won't be properly escaped for JSON encoding
 by the JavascriptHelper::escapeString() function:





 1) When it contains \" (previously escaped quotation marks) it would be
 escaped as \\", when it should read \\\". Adding a new value to the start
 of the $escape array fixed it:


 {{{
 $escape = array('\"'=>'\\\"', "\r\n" => '\n', "\r" => '\n', "\n" => '\n',
 '"' => '\"', "'" => "\\'");
 }}}




 2) When a backslash is the last character in a string. It escapes the
 quotation marks used for JSON delimiting.

 So that particular backslash should be escaped before the string is
 output. But we should see if it wasn't already escaped. Here's a lazy fix.


 {{{
 if (substr($string, -1)=='\\') {
         if (substr($string, -2)!='\\') {
                 $string.='\\';
         }
 }
 }}}


 Not ideal since it doesn't take previous escapings into account.

-- 
Ticket URL: <https://trac.cakephp.org/ticket/6267>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design 
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. 
Our primary goal is to provide a structured framework that enables PHP users at 
all levels to rapidly develop robust web applications, without any loss to 
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"tickets cakephp" group.
To post to this group, send email to tickets-cakephp@googlegroups.com
To unsubscribe from this group, send email to 
tickets-cakephp+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
  • [CakePHP : The Rapid Dev... CakePHP : The Rapid Development Framework for PHP

Reply via email to