From c02bb9c30733c08768a1916a2672f5e92dbab80f Mon Sep 17 00:00:00 2001 From: alecpl Date: Tue, 7 Oct 2008 07:27:29 +0000 Subject: #1485472: added js keywords escaping in json_serialize() --- program/include/rcube_shared.inc | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'program/include') diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc index 8a8181190..e740aeaa3 100644 --- a/program/include/rcube_shared.inc +++ b/program/include/rcube_shared.inc @@ -108,6 +108,31 @@ function send_modified_header($mdate, $etag=null, $skip_check=false) } +/** + * Returns whether an $str is a reserved word for any of the version of Javascript or ECMAScript + * @param str String to check + * @return boolean True if $str is a reserver word, False if not + */ +function is_js_reserved_word($str) +{ + return in_array($str, array( + // ECMASript ver 4 reserved words + 'as','break','case','catch','class','const','continue', + 'default','delete','do','else','export','extends','false','finally','for','function', + 'if','import','in','instanceof','is','namespace','new','null','package','private', + 'public','return','super','switch','this','throw','true','try','typeof','use','var', + 'void','while','with', + // ECMAScript ver 4 future reserved words + 'abstract','debugger','enum','goto','implements','interface','native','protected', + 'synchronized','throws','transient','volatile', + // special meaning in some contexts + 'get','set', + // were reserved in ECMAScript ver 3 + 'boolean','byte','char','double','final','float','int','long','short','static' + )); +} + + /** * Convert a variable into a javascript object notation * @@ -145,7 +170,7 @@ function json_serialize($var) foreach ($var as $key => $value) { // enclose key with quotes if it is not variable-name conform - if (!ereg("^[_a-zA-Z]{1}[_a-zA-Z0-9]*$", $key) /* || is_js_reserved_word($key) */) + if (!ereg("^[_a-zA-Z]{1}[_a-zA-Z0-9]*$", $key) || is_js_reserved_word($key)) $key = "'$key'"; $pairs[] = sprintf("%s%s", $is_assoc ? "$key:" : '', json_serialize($value)); @@ -163,6 +188,7 @@ function json_serialize($var) } + /** * Function to convert an array to a javascript array * Actually an alias function for json_serialize() -- cgit v1.2.3