mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-11-10 07:38:41 +00:00
26 lines
659 B
PHP
26 lines
659 B
PHP
|
<?php
|
||
|
|
||
|
/**
|
||
|
* This variable parser uses PHP's internal code engine. Because it does
|
||
|
* this, it can represent all inputs; however, it is dangerous and cannot
|
||
|
* be used by users.
|
||
|
*/
|
||
|
class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser
|
||
|
{
|
||
|
|
||
|
protected function parseImplementation($var, $type, $allow_null) {
|
||
|
return $this->evalExpression($var);
|
||
|
}
|
||
|
|
||
|
protected function evalExpression($expr) {
|
||
|
$var = null;
|
||
|
$result = eval("\$var = $expr;");
|
||
|
if ($result === false) {
|
||
|
throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
|
||
|
}
|
||
|
return $var;
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|