1 files changed, 38 insertions, 0 deletions

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php
new file mode 100644
index 00000000..c28055b5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php
@@ -0,0 +1,38 @@
+<?php

+

+/**

+ * This variable parser uses PHP's internal code engine. Because it does

+ * this, it can represent all inputs; however, it is dangerous and cannot

+ * be used by users.

+ */

+class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser

+{

+

+    /**

+     * @param mixed $var

+     * @param int $type

+     * @param bool $allow_null

+     * @return null|string

+     */

+    protected function parseImplementation($var, $type, $allow_null)

+    {

+        return $this->evalExpression($var);

+    }

+

+    /**

+     * @param string $expr

+     * @return mixed

+     * @throws HTMLPurifier_VarParserException

+     */

+    protected function evalExpression($expr)

+    {

+        $var = null;

+        $result = eval("\$var = $expr;");

+        if ($result === false) {

+            throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");

+        }

+        return $var;

+    }

+}

+

+// vim: et sw=4 sts=4