'use strict'; module.exports = function htmlspecialchars(string, quoteStyle, charset, doubleEncode) { // discuss at: http://locutus.io/php/htmlspecialchars/ // original by: Mirek Slugen // improved by: Kevin van Zonneveld (http://kvz.io) // bugfixed by: Nathan // bugfixed by: Arno // bugfixed by: Brett Zamir (http://brett-zamir.me) // bugfixed by: Brett Zamir (http://brett-zamir.me) // revised by: Kevin van Zonneveld (http://kvz.io) // input by: Ratheous // input by: Mailfaker (http://www.weedem.fr/) // input by: felix // reimplemented by: Brett Zamir (http://brett-zamir.me) // note 1: charset argument not supported // example 1: htmlspecialchars("Test", 'ENT_QUOTES') // returns 1: '<a href='test'>Test</a>' // example 2: htmlspecialchars("ab\"c'd", ['ENT_NOQUOTES', 'ENT_QUOTES']) // returns 2: 'ab"c'd' // example 3: htmlspecialchars('my "&entity;" is still here', null, null, false) // returns 3: 'my "&entity;" is still here' var optTemp = 0; var i = 0; var noquotes = false; if (typeof quoteStyle === 'undefined' || quoteStyle === null) { quoteStyle = 2; } string = string || ''; string = string.toString(); if (doubleEncode !== false) { // Put this first to avoid double-encoding string = string.replace(/&/g, '&'); } string = string.replace(//g, '>'); var OPTS = { 'ENT_NOQUOTES': 0, 'ENT_HTML_QUOTE_SINGLE': 1, 'ENT_HTML_QUOTE_DOUBLE': 2, 'ENT_COMPAT': 2, 'ENT_QUOTES': 3, 'ENT_IGNORE': 4 }; if (quoteStyle === 0) { noquotes = true; } if (typeof quoteStyle !== 'number') { // Allow for a single string or an array of string flags quoteStyle = [].concat(quoteStyle); for (i = 0; i < quoteStyle.length; i++) { // Resolve string input to bitwise e.g. 'ENT_IGNORE' becomes 4 if (OPTS[quoteStyle[i]] === 0) { noquotes = true; } else if (OPTS[quoteStyle[i]]) { optTemp = optTemp | OPTS[quoteStyle[i]]; } } quoteStyle = optTemp; } if (quoteStyle & OPTS.ENT_HTML_QUOTE_SINGLE) { string = string.replace(/'/g, '''); } if (!noquotes) { string = string.replace(/"/g, '"'); } return string; }; //# sourceMappingURL=htmlspecialchars.js.map