diff options
author | gnarf <gnarf@gnarf.net> | 2011-01-09 17:41:12 -0600 |
---|---|---|
committer | Scott González <scott.gonzalez@gmail.com> | 2011-01-10 20:20:14 -0500 |
commit | 51482a9d6585246108b696f1875d1b9c4f5e422e (patch) | |
tree | fd724a24fafd8476990f54ef3c8b6e4a110763ec | |
parent | cce7dbe8f2fe195fbac4f381c0281f54405c1f6d (diff) | |
download | jquery-ui-51482a9d6585246108b696f1875d1b9c4f5e422e.tar.gz jquery-ui-51482a9d6585246108b696f1875d1b9c4f5e422e.zip |
Demos: PHP Strict mode compliance and use parse_json() for JSON encoding. Fixes #5124 - Ensure all PHP scripts for demos/tests properly escape/filter input data.
-rw-r--r-- | demos/autocomplete/search.php | 68 |
1 files changed, 8 insertions, 60 deletions
diff --git a/demos/autocomplete/search.php b/demos/autocomplete/search.php index 8fa9d28f8..cbe78a52a 100644 --- a/demos/autocomplete/search.php +++ b/demos/autocomplete/search.php @@ -1,7 +1,10 @@ <?php - +// no term passed - just exit early with no response +if (empty($_GET['term'])) exit ; $q = strtolower($_GET["term"]); -if (!$q) return; +// remove slashes if they were magically added +if (get_magic_quotes_gpc()) $q = stripslashes($q); + $items = array( "Great Bittern"=>"Botaurus stellaris", "Little Grebe"=>"Tachybaptus ruficollis", @@ -569,63 +572,6 @@ $items = array( "Heuglin's Gull"=>"Larus heuglini" ); -function array_to_json( $array ){ - - if( !is_array( $array ) ){ - return false; - } - - $associative = count( array_diff( array_keys($array), array_keys( array_keys( $array )) )); - if( $associative ){ - - $construct = array(); - foreach( $array as $key => $value ){ - - // We first copy each key/value pair into a staging array, - // formatting each key and value properly as we go. - - // Format the key: - if( is_numeric($key) ){ - $key = "key_$key"; - } - $key = "\"".addslashes($key)."\""; - - // Format the value: - if( is_array( $value )){ - $value = array_to_json( $value ); - } else if( !is_numeric( $value ) || is_string( $value ) ){ - $value = "\"".addslashes($value)."\""; - } - - // Add to staging array: - $construct[] = "$key: $value"; - } - - // Then we collapse the staging array into the JSON form: - $result = "{ " . implode( ", ", $construct ) . " }"; - - } else { // If the array is a vector (not associative): - - $construct = array(); - foreach( $array as $value ){ - - // Format the value: - if( is_array( $value )){ - $value = array_to_json( $value ); - } else if( !is_numeric( $value ) || is_string( $value ) ){ - $value = "'".addslashes($value)."'"; - } - - // Add to staging array: - $construct[] = $value; - } - - // Then we collapse the staging array into the JSON form: - $result = "[ " . implode( ", ", $construct ) . " ]"; - } - - return $result; -} $result = array(); foreach ($items as $key=>$value) { @@ -635,6 +581,8 @@ foreach ($items as $key=>$value) { if (count($result) > 11) break; } -echo array_to_json($result); + +// json_encode is available in PHP 5.2 and above, or you can install a PECL module in earlier versions +echo json_encode($result); ?>
\ No newline at end of file |