Skip to content
This repository

JhtmlBehavior - improve _getJSObject #1434

Closed
wants to merge 4 commits into from

4 participants

Elijah Madden Rouven Weßling Louis Landry Andrew Eddie
Elijah Madden

This function has several flaws which I think I've solved. I think that with a little more work I can eliminate it entirely as json_encode() should be used whenever possible.

Elijah Madden Fixed several flaws in JHTMLBehavior::_getJSObject:
1) fullScreen was used whenever !is_null($array['fullScreen']) (in otherwords, even if set to false)
2) if $array contained keys 'fullScreen' and 'size', the result was invalid js
3) JSON keys not quoted (possible unexpected behavior)
2055f2e
Elijah Madden Removed trailing whitespace 5e9e8a5
Elijah Madden

I changed my mind about removing it entirely. There are too many cases of things being passed with the \ prefix. That practice would need to be deprecated first. It could, perhaps, be purged from all Joomla code but there's no way to know if 3rd parties are making use of it.

In any case, it does not affect this patch as the \ behavior is still supported here.

Rouven Weßling
Collaborator

Why would we remove the use of \? The whole reason that method exists is to support data types beyond those that are handled by JSON.

Elijah Madden

In my opinion, there are better ways to support types such as functions while letting json_encode take care of whatever it possibly can. But I suppose the \ solution is one that has worked well and maybe shouldn't be changed.

Louis Landry

Good cleanup. If you can rebase it so that it merges cleanly I'll get it merged in this weekend. Thanks a bunch Elijah.

Elijah Madden

Sorry, I'm on Japan time. It'll have to wait till Monday.

Elijah Madden okonomiyaki3000 closed this October 04, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Showing 4 unique commits by 2 authors.

Aug 06, 2012
Elijah Madden Fixed several flaws in JHTMLBehavior::_getJSObject:
1) fullScreen was used whenever !is_null($array['fullScreen']) (in otherwords, even if set to false)
2) if $array contained keys 'fullScreen' and 'size', the result was invalid js
3) JSON keys not quoted (possible unexpected behavior)
2055f2e
Elijah Madden Removed trailing whitespace 5e9e8a5
Aug 19, 2012
Andrew Eddie Merge pull request #1473 from elinw/patch-10
Fix a grammar mistake in a comment
4999d18
Aug 20, 2012
Elijah Madden cleanup for merge dcb1f90
This page is out of date. Refresh to see the latest.

Showing 1 changed file with 35 additions and 31 deletions. Show diff stats Hide diff stats

  1. 66  libraries/joomla/html/html/behavior.php
66  libraries/joomla/html/html/behavior.php
@@ -809,6 +809,10 @@ public static function noframes()
809 809
 	/**
810 810
 	 * Internal method to get a JavaScript object notation string from an array
811 811
 	 *
  812
+	 * This function differs from json_encode() in two important ways:
  813
+	 *	1) If the array contains a key 'fullScreen', the resulting object will have a property 'size' which will be an object with properties 'x' and 'y'
  814
+	 *	2) Any elements in the array beginning with '\' will not be encoded, '\' will be stripped and they will be inserted as-is
  815
+	 *
812 816
 	 * @param   array  $array  The array to convert to JavaScript object notation
813 817
 	 *
814 818
 	 * @return  string  JavaScript object notation representation of the array
@@ -817,56 +821,56 @@ public static function noframes()
817 821
 	 */
818 822
 	protected static function _getJSObject($array = array())
819 823
 	{
820  
-		$object = '{';
  824
+		// Make sure we have an array
  825
+		$array = (array) $array;
  826
+
  827
+		// Handle special case: fullScreen
  828
+		if (isset($array['fullScreen']) && $array['fullScreen'])
  829
+		{
  830
+			$array['size'] = '\\{"x": window.getSize().x-80, "y": window.getSize().y-80}';
  831
+			$array['fullScreen'] = null;
  832
+		}
821 833
 
822  
-		// Iterate over array to build objects
823  
-		foreach ((array) $array as $k => $v)
  834
+		$elements = array();
  835
+		foreach ($array as $k => $v)
824 836
 		{
825  
-			if (is_null($v))
  837
+			// Don't encode either of these types
  838
+			if (is_null($v) || is_resource($v))
826 839
 			{
827 840
 				continue;
828 841
 			}
829 842
 
  843
+			// Safely encode as a Javascript string
  844
+			$key = json_encode((string) $k);
  845
+
830 846
 			if (is_bool($v))
831 847
 			{
832  
-				if ($k === 'fullScreen')
  848
+				$elements[] = $key . ': ' . ($v ? 'true' : 'false');
  849
+			}
  850
+			elseif (is_numeric($v))
  851
+			{
  852
+				$elements[] = $key . ': ' . ($v + 0);
  853
+			}
  854
+			elseif (is_string($v))
  855
+			{
  856
+				if (strpos($v, '\\') === 0)
833 857
 				{
834  
-					$object .= 'size: { ';
835  
-					$object .= 'x: ';
836  
-					$object .= 'window.getSize().x-80';
837  
-					$object .= ',';
838  
-					$object .= 'y: ';
839  
-					$object .= 'window.getSize().y-80';
840  
-					$object .= ' }';
841  
-					$object .= ',';
  858
+					// Items such as functions and JSON objects are prefixed with \, strip the prefix and don't encode them
  859
+					$elements[] = $key . ': ' . substr($v, 1);
842 860
 				}
843 861
 				else
844 862
 				{
845  
-					$object .= ' ' . $k . ': ';
846  
-					$object .= ($v) ? 'true' : 'false';
847  
-					$object .= ',';
  863
+					// The safest way to insert a string
  864
+					$elements[] = $key . ': ' . json_encode((string) $v);
848 865
 				}
849 866
 			}
850  
-			elseif (!is_array($v) && !is_object($v))
851  
-			{
852  
-				$object .= ' ' . $k . ': ';
853  
-				$object .= (is_numeric($v) || strpos($v, '\\') === 0) ? (is_numeric($v)) ? $v : substr($v, 1) : "'" . $v . "'";
854  
-				$object .= ',';
855  
-			}
856 867
 			else
857 868
 			{
858  
-				$object .= ' ' . $k . ': ' . self::_getJSObject($v) . ',';
  869
+				$elements[] = $key . ': ' . self::_getJSObject($v);
859 870
 			}
860 871
 		}
861 872
 
862  
-		if (substr($object, -1) == ',')
863  
-		{
864  
-			$object = substr($object, 0, -1);
865  
-		}
866  
-
867  
-		$object .= '}';
868  
-
869  
-		return $object;
  873
+		return '{' . implode(',', $elements) . '}';
870 874
 	}
871 875
 
872 876
 	/**
Commit_comment_tip

Tip: You can add notes to lines in a file. Hover to the left of a line to make a note

Something went wrong with that request. Please try again.