Updated View Helpers to use new Escaper class & supporting helpers

nclundsten · Jul 4, 2012 · 39140db · 39140db
1 parent 35b0448
commit 39140db
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 9 deletions.
diff --git a/library/Zend/View/Helper/AbstractHtmlElement.php b/library/Zend/View/Helper/AbstractHtmlElement.php
@@ -84,7 +84,7 @@ protected function _isXhtml()
     protected function _htmlAttribs($attribs)
     {
         $xhtml   = '';
-        $escaper = $this->view->plugin('escape');
+        $escaper = $this->view->plugin('escapehtml');
         foreach ((array) $attribs as $key => $val) {
             $key = $escaper($key);
 

diff --git a/library/Zend/View/Helper/FormElement.php b/library/Zend/View/Helper/FormElement.php
@@ -185,7 +185,7 @@ protected function _getInfo($name, $value = null, $attribs = null,
      */
     protected function _hidden($name, $value = null, $attribs = null)
     {
-        $escaper = $this->view->plugin('escape');
+        $escaper = $this->view->plugin('escapeHtml');
         return '<input type="hidden"'
              . ' name="' . $escaper($name) . '"'
              . ' value="' . $escaper($value) . '"'

diff --git a/library/Zend/View/Helper/HtmlList.php b/library/Zend/View/Helper/HtmlList.php
@@ -47,7 +47,7 @@ public function __invoke(array $items, $ordered = false, $attribs = false, $esca
         foreach ($items as $item) {
             if (!is_array($item)) {
                 if ($escape) {
-                    $escaper = $this->view->plugin('escape');
+                    $escaper = $this->view->plugin('escapeHtml');
                     $item    = $escaper($item);
                 }
                 $list .= '<li>' . $item . '</li>' . self::EOL;

diff --git a/library/Zend/View/Helper/Navigation/AbstractHelper.php b/library/Zend/View/Helper/Navigation/AbstractHelper.php
@@ -673,7 +673,7 @@ public function htmlify(AbstractPage $page)
             'target' => $page->getTarget()
         );
 
-        $escaper = $this->view->plugin('escape');
+        $escaper = $this->view->plugin('escapeHtml');
 
         return '<a' . $this->_htmlAttribs($attribs) . '>'
              . $escaper($label)

diff --git a/library/Zend/View/Helper/Navigation/Breadcrumbs.php b/library/Zend/View/Helper/Navigation/Breadcrumbs.php
@@ -191,7 +191,7 @@ public function renderStraight($container = null)
             if ($this->getUseTranslator() && $t = $this->getTranslator()) {
                 $html = $t->translate($html);
             }
-            $escaper = $this->view->plugin('escape');
+            $escaper = $this->view->plugin('escapeHtml');
             $html    = $escaper($html);
         }
 

diff --git a/library/Zend/View/Helper/Navigation/Menu.php b/library/Zend/View/Helper/Navigation/Menu.php
@@ -233,7 +233,7 @@ public function htmlify(AbstractPage $page)
             $element = 'span';
         }
 
-        $escaper = $this->view->plugin('escape');
+        $escaper = $this->view->plugin('escapeHtml');
         return '<' . $element . $this->_htmlAttribs($attribs) . '>'
              . $escaper($label)
              . '</' . $element . '>';

diff --git a/library/Zend/View/Helper/Placeholder/Container/AbstractStandalone.php b/library/Zend/View/Helper/Placeholder/Container/AbstractStandalone.php
@@ -127,9 +127,18 @@ protected function _escape($string)
             && method_exists($this->view, 'getEncoding')
         ) {
             $enc = $this->view->getEncoding();
+            $escaper = $this->view->plugin('escapeHtml');
+            return $escaper((string) $string);
         }
-
-        return htmlspecialchars((string) $string, ENT_COMPAT, $enc);
+        /**
+         * bump this out to a protected method to kill the instance penalty!
+         */
+        $escaper = new \Zend\Escaper\Escaper($enc);
+        return $escaper->escapeHtml((string) $string);
+        /**
+         * Replaced to ensure consistent escaping
+         */
+        //return htmlspecialchars((string) $string, ENT_COMPAT, $enc);
     }
 
     /**

diff --git a/library/Zend/View/HelperPluginManager.php b/library/Zend/View/HelperPluginManager.php
@@ -52,7 +52,11 @@ class HelperPluginManager extends AbstractPluginManager
         'url'                 => 'Zend\View\Helper\Url',
         'cycle'               => 'Zend\View\Helper\Cycle',
         'declarevars'         => 'Zend\View\Helper\DeclareVars',
-        'escape'              => 'Zend\View\Helper\Escape',
+        'escapehtml'          => 'Zend\View\Helper\EscapeHtml',
+        'escapehtmlattr'      => 'Zend\View\Helper\EscapeHtmlAttr',
+        'escapejs'            => 'Zend\View\Helper\EscapeJs',
+        'escapecss'           => 'Zend\View\Helper\EscapeCss',
+        'escapeurl'           => 'Zend\View\Helper\EscapeUrl',
         'gravatar'            => 'Zend\View\Helper\Gravatar',
         'headlink'            => 'Zend\View\Helper\HeadLink',
         'headmeta'            => 'Zend\View\Helper\HeadMeta',