|
Revision 21, 0.7 kB
(checked in by admin, 18 years ago)
|
|
|
| Line | |
|---|
| 1 | <?php |
|---|
| 2 | |
|---|
| 3 | /** |
|---|
| 4 | * This variable parser uses PHP's internal code engine. Because it does |
|---|
| 5 | * this, it can represent all inputs; however, it is dangerous and cannot |
|---|
| 6 | * be used by users. |
|---|
| 7 | */ |
|---|
| 8 | class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser |
|---|
| 9 | { |
|---|
| 10 | |
|---|
| 11 | protected function parseImplementation($var, $type, $allow_null) { |
|---|
| 12 | return $this->evalExpression($var); |
|---|
| 13 | } |
|---|
| 14 | |
|---|
| 15 | protected function evalExpression($expr) { |
|---|
| 16 | $var = null; |
|---|
| 17 | $result = eval("\$var = $expr;"); |
|---|
| 18 | if ($result === false) { |
|---|
| 19 | throw new HTMLPurifier_VarParserException("Fatal error in evaluated code"); |
|---|
| 20 | } |
|---|
| 21 | return $var; |
|---|
| 22 | } |
|---|
| 23 | |
|---|
| 24 | } |
|---|
| 25 | |
|---|
