more generalized javascript_renderData

- handles json/jsonp transparently (avoiding code duplication in templates) - use php's internal json_encode functions (with JSON_UNESCAPED_UNICODE for backward compatibility) - be more liberal with what is allowed as a callback identifier - return a 400 for illegal callbacks - return application/javascript type when jsonp is requested fixes #16, fixes #17
2024-11-12 14:30:30 +03:00 · 2012-07-01 13:19:59 +02:00 · 2012-07-01 13:19:59 +02:00 · 1cb55c6e31
commit 1cb55c6e31
parent 8ff0aabaf3
5 changed files with 22 additions and 85 deletions
--- a/lib/lib.php
+++ b/lib/lib.php
@ -592,45 +592,25 @@
 	}
 	
 	
-        function javascript_isarray($xVal)
-        {
-                if (!is_array($xVal)) return false;
-                for($i = 0; $i < sizeof($xVal); $i++)
-                {
-                        if (!array_key_exists($i, $xVal)) return false;
-                }
-                return true;
-        }

-        function javascript_renderData($xVal, $bForceHash = false)
-        {
-                if (is_array($xVal))
-                {
-                        $aVals = array();
-                        if (javascript_isarray($xVal) && !$bForceHash)
-                        {
-                                foreach($xVal as $sKey => $xData)
-                                {
-                                        $aVals[] = javascript_renderData($xData);
-                                }
-                                return '['.join(',',$aVals).']';
-                        }
-                        else
-                        {
-                                foreach($xVal as $sKey => $xData)
-                                {
-                                        $aVals[] = '"'.addslashes($sKey).'"'.':'.javascript_renderData($xData);
-                                }
-                                return '{'.join(',',$aVals).'}';
-                        }
-                }
-                else
-                {
-                        if (is_bool($xVal)) return $xVal?'true':'false';
-//			if (is_numeric($xVal)) return $xVal;
-                        return '"'.str_replace('>','\\>',str_replace(array("\n","\r"),'\\n',str_replace(array("\n\r","\r\n"),'\\n',str_replace('"','\\"',$xVal)))).'"';
-                }
-        }
+    function javascript_renderData($xVal)
+    {
+        header("Access-Control-Allow-Origin: *");
+
+        $jsonout = json_encode($xVal, JSON_UNESCAPED_UNICODE);
+
+		if( ! isset($_GET['json_callback'])) {
+			header("Content-Type: application/json; charset=UTF-8");
+			echo $jsonout;
+		} else {
+			if (preg_match('/^[$_\p{L}][$_\p{L}\p{Nd}.[\]]*$/u',$_GET['json_callback'])) {
+				header("Content-Type: application/javascript; charset=UTF-8");
+				echo $_GET['json_callback'].'('.$jsonout.')';
+			} else {
+				header('HTTP/1.0 400 Bad Request');
+			}
+		}
+    }

 	function _debugDumpGroupedSearches($aData, $aTokens)
 	{
--- a/lib/template/address-json.php
+++ b/lib/template/address-json.php
@ -1,7 +1,4 @@
 <?php
-	header ("Content-Type: application/json; charset=UTF-8");
-	header("Access-Control-Allow-Origin: *");
-
 	$aFilteredPlaces = array();

 	if (!sizeof($aPlace))
@ -27,13 +24,5 @@
 		if ($bShowAddressDetails) $aFilteredPlaces['address'] = $aAddress;
 	}

-	if (isset($_GET['json_callback']) && preg_match('/^[-A-Za-z0-9:_.]+$/',$_GET['json_callback']))
-	{
-		echo $_GET['json_callback'].'('.javascript_renderData($aFilteredPlaces).')';
-	}
-	else
-	{
-		echo javascript_renderData($aFilteredPlaces);
-	}
-
+	javascript_renderData($aFilteredPlaces);

--- a/lib/template/address-jsonv2.php
+++ b/lib/template/address-jsonv2.php
@ -1,7 +1,4 @@
 <?php
-	header ("Content-Type: application/json; charset=UTF-8");
-	header("Access-Control-Allow-Origin: *");
-
 	$aFilteredPlaces = array();

 	if (!sizeof($aPlace))
@ -32,13 +29,4 @@
 		if ($bShowAddressDetails && $aAddress && sizeof($aAddress)) $aFilteredPlaces['address'] = $aAddress;
 	}

-	if (isset($_GET['json_callback']) && preg_match('/^[-A-Za-z0-9:_]+$/',$_GET['json_callback']))
-	{
-		echo $_GET['json_callback'].'('.javascript_renderData($aFilteredPlaces).')';
-	}
-	else
-	{
-		echo javascript_renderData($aFilteredPlaces);
-	}
-
-
+	javascript_renderData($aFilteredPlaces);
--- a/lib/template/search-json.php
+++ b/lib/template/search-json.php
@ -1,7 +1,4 @@
 <?php
-	header("Content-Type: application/json; charset=UTF-8");
-	header("Access-Control-Allow-Origin: *");
-
 	$aFilteredPlaces = array();
 	foreach($aSearchResults as $iResNum => $aPointDetails)
 	{
@ -55,11 +52,4 @@
 		$aFilteredPlaces[] = $aPlace;
 	}

-	if (isset($_GET['json_callback']) && preg_match('/^[-A-Za-z0-9:_.]+$/',$_GET['json_callback']))
-	{
-		echo $_GET['json_callback'].'('.javascript_renderData($aFilteredPlaces).')';
-	}
-	else
-	{
-		echo javascript_renderData($aFilteredPlaces);
-	}
+	javascript_renderData($aFilteredPlaces);
--- a/lib/template/search-jsonv2.php
+++ b/lib/template/search-jsonv2.php
@ -1,7 +1,4 @@
 <?php
-	header("Content-Type: application/json; charset=UTF-8");
-	header("Access-Control-Allow-Origin: *");
-
 	$aFilteredPlaces = array();
 	foreach($aSearchResults as $iResNum => $aPointDetails)
 	{
@ -55,11 +52,4 @@
 		$aFilteredPlaces[] = $aPlace;
 	}

-	if (isset($_GET['json_callback']) && preg_match('/^[-A-Za-z0-9:_.]+$/',$_GET['json_callback']))
-	{
-		echo $_GET['json_callback'].'('.javascript_renderData($aFilteredPlaces).')';
-	}
-	else
-	{
-		echo javascript_renderData($aFilteredPlaces);
-	}
+	javascript_renderData($aFilteredPlaces);