C_STRING
C_STRING = 1
This variable parser uses PHP's internal code engine. Because it does this, it can represent all inputs; however, it is dangerous and cannot be used by users.
parse(mixed $var, int $type, bool $allow_null = false) : string
Validate a variable according to type.
It may return NULL as a valid type if $allow_null is true.
| mixed | $var | Variable to validate |
| int | $type | Type of variable, see HTMLPurifier_VarParser->types |
| bool | $allow_null | Whether or not to permit null as a value |
Validated and type-coerced variable
<?php
/**
* This variable parser uses PHP's internal code engine. Because it does
* this, it can represent all inputs; however, it is dangerous and cannot
* be used by users.
*/
class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser
{
/**
* @param mixed $var
* @param int $type
* @param bool $allow_null
* @return null|string
*/
protected function parseImplementation($var, $type, $allow_null)
{
return $this->evalExpression($var);
}
/**
* @param string $expr
* @return mixed
* @throws HTMLPurifier_VarParserException
*/
protected function evalExpression($expr)
{
$var = null;
$result = eval("\$var = $expr;");
if ($result === false) {
throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
}
return $var;
}
}
// vim: et sw=4 sts=4