Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Improve handling of nested objects to ensure data is always escaped. …

…Support proxy to objects that implement the Iterator interface
  • Loading branch information...
commit 030ad9c74f14026c4124d8b6971b71accc6ede8b 1 parent 4f59ead
@saltybeagle saltybeagle authored
View
3  src/Templates/Savant/Main.php
@@ -663,7 +663,8 @@ public function renderElse($condition, $render, $else, $rendertemplate = null, $
*/
protected function renderObject($object, $template = null)
{
- if ($this->__config['escape']) {
+ if ($this->__config['escape']
+ && !$object instanceof ObjectProxy) {
$object = new ObjectProxy($object, $this);
}
return $this->fetch($object, $template);
View
14 src/Templates/Savant/ObjectProxy.php
@@ -66,7 +66,16 @@ function __construct($object, $savant)
function __get($var)
{
$var = $this->object->$var;
- if (is_string($var)) {
+ switch(gettype($var)) {
+ case 'object':
+ if ($var instanceof \Iterator) {
+ return new ObjectProxy\Iterator($var, $this->savant);
+ }
+ return new self($var, $this->savant);
+ case 'string':
+ case 'int':
+ case 'bool':
+ case 'double':
return $this->savant->escape($var);
}
return $var;
@@ -107,9 +116,6 @@ function __call($name, $arguments)
*/
function __getClass()
{
- if ($this->object instanceof ObjectProxy) {
- return $this->object->__getClass();
- }
return get_class($this->object);
}
}
View
30 src/Templates/Savant/ObjectProxy/Iterator.php
@@ -0,0 +1,30 @@
+<?php
+namespace pear2\Templates\Savant\ObjectProxy;
+use pear2\Templates\Savant\ObjectProxy;
+class Iterator extends ObjectProxy implements \Iterator
+{
+ function current()
+ {
+ return $this->object->current();
+ }
+
+ function next()
+ {
+ return $this->object->next();
+ }
+
+ function key()
+ {
+ return $this->object->key();
+ }
+
+ function valid()
+ {
+ return $this->object->valid();
+ }
+
+ function rewind()
+ {
+ return $this->object->rewind();
+ }
+}
Please sign in to comment.
Something went wrong with that request. Please try again.