mirror of
https://github.com/smogon/pokemon-showdown-client.git
synced 2026-03-22 10:05:46 -05:00
2105dc8e57
Closes #1567 The main reason I'm not simply merging Annika's PR is because this way makes it clearer that I'm taking responsibility for all this code, that it's mostly code I wrote, and also because it makes it easier to ensure that none of the files have been changed. (Not that I don't personally trust Annika, but I have something resembling an obligation to users not to expose them to risks based on personal trust.)
27 lines
669 B
PHP
27 lines
669 B
PHP
<?php
|
|
|
|
/**
|
|
* This variable parser uses PHP's internal code engine. Because it does
|
|
* this, it can represent all inputs; however, it is dangerous and cannot
|
|
* be used by users.
|
|
*/
|
|
class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser
|
|
{
|
|
|
|
protected function parseImplementation($var, $type, $allow_null) {
|
|
return $this->evalExpression($var);
|
|
}
|
|
|
|
protected function evalExpression($expr) {
|
|
$var = null;
|
|
$result = eval("\$var = $expr;");
|
|
if ($result === false) {
|
|
throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
|
|
}
|
|
return $var;
|
|
}
|
|
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|