wns-mvc-package
Version:
MVC package/bundle for WNS Middleware
407 lines (359 loc) • 18.8 kB
JavaScript
/**
* @WNS - The NodeJS Middleware and Framework
*
* @copyright: Copyright © 2012- YEPT ®
* @page: http://wns.yept.net/
* @docs: http://wns.yept.net/docs/
* @license: http://wns.yept.net/license/
*/
/**
* No description yet.
*
* @author Pedro Nasser
*/
// Exports
module.exports = {
/**
* Class dependencies
*/
extend: [],
/**
* PRIVATE
*/
private: {},
/**
* Public Variables
*/
public: {},
/**
* Methods
*/
methods: {
/**
* Initialization
*/
init: function () {
this.EncodeType = "entity";
this.arr1 = new Array(' ', '¡', '¢', '£', '¤', '¥', '¦', '§', '¨', '©', 'ª', '«', '¬', '­', '®', '¯', '°', '±', '²', '³', '´', 'µ', '¶', '·', '¸', '¹', 'º', '»', '¼', '½', '¾', '¿', 'À', 'Á', 'Â', 'Ã', 'Ä', 'Å', '&Aelig;', 'Ç', 'È', 'É', 'Ê', 'Ë', 'Ì', 'Í', 'Î', 'Ï', 'Ð', 'Ñ', 'Ò', 'Ó', 'Ô', 'Õ', 'Ö', '×', 'Ø', 'Ù', 'Ú', 'Û', 'Ü', 'Ý', 'Þ', 'ß', 'à', 'á', 'â', 'ã', 'ä', 'å', 'æ', 'ç', 'è', 'é', 'ê', 'ë', 'ì', 'í', 'î', 'ï', 'ð', 'ñ', 'ò', 'ó', 'ô', 'õ', 'ö', '÷', 'Ø', 'ù', 'ú', 'û', 'ü', 'ý', 'þ', 'ÿ', '"', '&', '<', '>', 'œ', 'œ', 'š', 'š', 'ÿ', 'ˆ', '˜', ' ', ' ', ' ', '‌', '‍', '‎', '‏', '–', '—', '‘', '’', '‚', '“', '”', '„', '†', '†', '‰', '‹', '›', '€', 'ƒ', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'ς', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'ϑ', 'ϒ', 'ϖ', '•', '…', '′', '′', '‾', '⁄', '℘', 'ℑ', 'ℜ', '™', 'ℵ', '←', '↑', '→', '↓', '↔', '↵', '←', '↑', '→', '↓', '↔', '∀', '∂', '∃', '∅', '∇', '∈', '∉', '∋', '∏', '∑', '−', '∗', '√', '∝', '∞', '∠', '∧', '∨', '∩', '∪', '∫', '∴', '∼', '≅', '≈', '≠', '≡', '≤', '≥', '⊂', '⊃', '⊄', '⊆', '⊇', '⊕', '⊗', '⊥', '⋅', '⌈', '⌉', '⌊', '⌋', '⟨', '⟩', '◊', '♠', '♣', '♥', '♦');
this.arr2 = new Array(' ', '¡', '¢', '£', '¤', '¥', '¦', '§', '¨', '©', 'ª', '«', '¬', '­', '®', '¯', '°', '±', '²', '³', '´', 'µ', '¶', '·', '¸', '¹', 'º', '»', '¼', '½', '¾', '¿', 'À', 'Á', 'Â', 'Ã', 'Ä', 'Å', 'Æ', 'Ç', 'È', 'É', 'Ê', 'Ë', 'Ì', 'Í', 'Î', 'Ï', 'Ð', 'Ñ', 'Ò', 'Ó', 'Ô', 'Õ', 'Ö', '×', 'Ø', 'Ù', 'Ú', 'Û', 'Ü', 'Ý', 'Þ', 'ß', 'à', 'á', 'â', 'ã', 'ä', 'å', 'æ', 'ç', 'è', 'é', 'ê', 'ë', 'ì', 'í', 'î', 'ï', 'ð', 'ñ', 'ò', 'ó', 'ô', 'õ', 'ö', '÷', 'ø', 'ù', 'ú', 'û', 'ü', 'ý', 'þ', 'ÿ', '"', '&', '<', '>', 'Œ', 'œ', 'Š', 'š', 'Ÿ', 'ˆ', '˜', ' ', ' ', ' ', '‌', '‍', '‎', '‏', '–', '—', '‘', '’', '‚', '“', '”', '„', '†', '‡', '‰', '‹', '›', '€', 'ƒ', 'Α', 'Β', 'Γ', 'Δ', 'Ε', 'Ζ', 'Η', 'Θ', 'Ι', 'Κ', 'Λ', 'Μ', 'Ν', 'Ξ', 'Ο', 'Π', 'Ρ', 'Σ', 'Τ', 'Υ', 'Φ', 'Χ', 'Ψ', 'Ω', 'α', 'β', 'γ', 'δ', 'ε', 'ζ', 'η', 'θ', 'ι', 'κ', 'λ', 'μ', 'ν', 'ξ', 'ο', 'π', 'ρ', 'ς', 'σ', 'τ', 'υ', 'φ', 'χ', 'ψ', 'ω', 'ϑ', 'ϒ', 'ϖ', '•', '…', '′', '″', '‾', '⁄', '℘', 'ℑ', 'ℜ', '™', 'ℵ', '←', '↑', '→', '↓', '↔', '↵', '⇐', '⇑', '⇒', '⇓', '⇔', '∀', '∂', '∃', '∅', '∇', '∈', '∉', '∋', '∏', '∑', '−', '∗', '√', '∝', '∞', '∠', '∧', '∨', '∩', '∪', '∫', '∴', '∼', '≅', '≈', '≠', '≡', '≤', '≥', '⊂', '⊃', '⊄', '⊆', '⊇', '⊕', '⊗', '⊥', '⋅', '⌈', '⌉', '⌊', '⌋', '〈', '〉', '◊', '♠', '♣', '♥', '♦');
},
/**
* Check if string is empty
* @param string $val target string
* @return boolean is empty?
*/
isEmpty : function(val) {
if (val) {
return ((val === null) || val.length == 0 || /^\s+$/.test(val));
} else {
return true;
}
},
/**
* Convert HTML entities into numerical entities
* @param string $string target string
* @return string result
*/
HTML2Numerical : function(s) {
return this.swapArrayVals(s, this.arr1, this.arr2);
},
/**
* Convert Numerical entities into HTML entities
* @param string $string target string
* @return string result
*/
NumericalToHTML : function(s) {
return this.swapArrayVals(s, this.arr2, this.arr1);
},
/**
* Numerically encodes all unicode characters
* @param string $string target string
* @return string result
*/
numEncode : function(s) {
if (this.isEmpty(s)) return "";
var e = "";
for (var i = 0; i < s.length; i++) {
var c = s.charAt(i);
if (c < " " || c > "~") {
c = "&#" + c.charCodeAt() + ";";
}
e += c;
}
return e;
},
/**
* HTML Decode numerical and HTML entities back to original values
* @param string $string target string
* @return string result
*/
htmlDecode : function(s) {
var c,m,d = s;
if (this.isEmpty(d)) return "";
// convert HTML entites back to numerical entites first
d = this.HTML2Numerical(d);
// look for numerical entities "
arr = d.match(/&#[0-9]{1,5};/g);
// if no matches found in string then skip
if (arr != null) {
for (var x = 0; x < arr.length; x++) {
m = arr[x];
c = m.substring(2, m.length - 1); //get numeric part which is refernce to unicode character
// if its a valid number we can decode
if (c >= -32768 && c <= 65535) {
// decode every single match within string
d = d.replace(m, String.fromCharCode(c));
} else {
d = d.replace(m, ""); //invalid so replace with nada
}
}
}
return d;
},
/**
* Encode an input string into either numerical or HTML entities
* @param string $string target string
* @return string result
*/
htmlEncode : function(s, dbl) {
if (this.isEmpty(s)) return "";
// do we allow double encoding? E.g will & be turned into &amp;
dbl = dbl || false; //default to prevent double encoding
// if allowing double encoding we do ampersands first
if (dbl) {
if (this.EncodeType == "numerical") {
s = s.replace(/&/g, "&");
} else {
s = s.replace(/&/g, "&");
}
}
// convert the xss chars to numerical entities ' " < >
s = this.XSSEncode(s, false);
if (this.EncodeType == "numerical" || !dbl) {
// Now call function that will convert any HTML entities to numerical codes
s = this.HTML2Numerical(s);
}
// Now encode all chars above 127 e.g unicode
s = this.numEncode(s);
// now we know anything that needs to be encoded has been converted to numerical entities we
// can encode any ampersands & that are not part of encoded entities
// to handle the fact that I need to do a negative check and handle multiple ampersands &&&
// I am going to use a placeholder
// if we don't want double encoded entities we ignore the & in existing entities
if (!dbl) {
s = s.replace(/&#/g, "##AMPHASH##");
if (this.EncodeType == "numerical") {
s = s.replace(/&/g, "&");
} else {
s = s.replace(/&/g, "&");
}
s = s.replace(/##AMPHASH##/g, "&#");
}
// replace any malformed entities
s = s.replace(/&#\d*([^\d;]|$)/g, "$1");
if (!dbl) {
// safety check to correct any double encoded &
s = this.correctEncoding(s);
}
// now do we need to convert our numerical encoded string into entities
if (this.EncodeType == "entity") {
s = this.NumericalToHTML(s);
}
return s;
},
/**
* Encodes the basic 4 characters used to malform HTML in XSS hacks
* @param string $string target string
* @return string result
*/
XSSEncode : function(s, en) {
if (!this.isEmpty(s)) {
en = en || true;
// do we convert to numerical or html entity?
if (en) {
s = s.replace(/\'/g, "'"); //no HTML equivalent as &apos is not cross browser supported
s = s.replace(/\"/g, """);
s = s.replace(/</g, "<");
s = s.replace(/>/g, ">");
} else {
s = s.replace(/\'/g, "'"); //no HTML equivalent as &apos is not cross browser supported
s = s.replace(/\"/g, """);
s = s.replace(/</g, "<");
s = s.replace(/>/g, ">");
}
return s;
} else {
return "";
}
},
/**
* Returns true if a string contains html or numerical encoded entities
* @param string $string target string
* @return boolean has encoded?
*/
hasEncoded : function(s) {
if (/&#[0-9]{1,5};/g.test(s)) {
return true;
} else if (/&[A-Z]{2,6};/gi.test(s)) {
return true;
} else {
return false;
}
},
/**
* Will remove any unicode characters
* @param string $string target string
* @return string result
*/
stripUnicode : function(s) {
return s.replace(/[^\x20-\x7E]/g, "");
},
/**
* Corrects any double encoded & entities e.g &amp;
* @param string $string target string
* @return string result
*/
correctEncoding : function(s) {
return s.replace(/(&)(amp;)+/, "$1");
},
/**
* Function to loop through an array swaping each item with the
* value from another array e.g swap HTML entities with Numericals
* @param string $string target string
* @param array $arr1 from array
* @param array $arr1 to array
* @return string result
*/
swapArrayVals : function(s, arr1, arr2) {
if (this.isEmpty(s)) return "";
var re;
if (arr1 && arr2) {
//ShowDebug("in swapArrayVals arr1.length = " + arr1.length + " arr2.length = " + arr2.length)
// array lengths must match
if (arr1.length == arr2.length) {
for (var x = 0,i = arr1.length; x < i; x++) {
re = new RegExp(arr1[x], 'g');
s = s.replace(re, arr2[x]); //swap arr1 item with matching item from arr2
}
}
}
return s;
},
/**
* Check if item is in Array.
* @param string $item target item
* @param array $arr target array
* @return number -1 or position
*/
inArray : function(item, arr) {
for (var i = 0, x = arr.length; i < x; i++) {
if (arr[i] === item) {
return i;
}
}
return -1;
},
/**
* A JavaScript equivalent of PHP’s htmlspecialchars
* http://phpjs.org/functions/htmlspecialchars/
* @param string $string
* @param string $quote_style
* @param string $charset
* @param string $double_encode
*/
htmlspecialchars: function (string, quote_style, charset, double_encode) {
var optTemp = 0,
i = 0,
noquotes = false;
if (typeof quote_style === 'undefined' || quote_style === null) {
quote_style = 2;
}
string = string.toString();
if (double_encode !== false) { // Put this first to avoid double-encoding
string = string.replace(/&/g, '&');
}
string = string.replace(/</g, '<').replace(/>/g, '>');
var OPTS = {
'ENT_NOQUOTES': 0,
'ENT_HTML_QUOTE_SINGLE': 1,
'ENT_HTML_QUOTE_DOUBLE': 2,
'ENT_COMPAT': 2,
'ENT_QUOTES': 3,
'ENT_IGNORE': 4
};
if (quote_style === 0) {
noquotes = true;
}
if (typeof quote_style !== 'number') { // Allow for a single string or an array of string flags
quote_style = [].concat(quote_style);
for (i = 0; i < quote_style.length; i++) {
// Resolve string input to bitwise e.g. 'ENT_IGNORE' becomes 4
if (OPTS[quote_style[i]] === 0) {
noquotes = true;
}
else if (OPTS[quote_style[i]]) {
optTemp = optTemp | OPTS[quote_style[i]];
}
}
quote_style = optTemp;
}
if (quote_style & OPTS.ENT_HTML_QUOTE_SINGLE) {
string = string.replace(/'/g, ''');
}
if (!noquotes) {
string = string.replace(/"/g, '"');
}
return string;
},
/**
* A JavaScript equivalent of PHP’s htmlspecialchars_decode
* http://phpjs.org/functions/htmlspecialchars_decode/
* @param string $string
* @param string $quote_style
* @param string $charset
* @param string $double_encode
*/
htmlspecialchars_decode: function(string, quote_style) {
var optTemp = 0,
i = 0,
noquotes = false;
if (typeof quote_style === 'undefined') {
quote_style = 2;
}
string = string.toString().replace(/</g, '<').replace(/>/g, '>');
var OPTS = {
'ENT_NOQUOTES': 0,
'ENT_HTML_QUOTE_SINGLE': 1,
'ENT_HTML_QUOTE_DOUBLE': 2,
'ENT_COMPAT': 2,
'ENT_QUOTES': 3,
'ENT_IGNORE': 4
};
if (quote_style === 0) {
noquotes = true;
}
if (typeof quote_style !== 'number') { // Allow for a single string or an array of string flags
quote_style = [].concat(quote_style);
for (i = 0; i < quote_style.length; i++) {
// Resolve string input to bitwise e.g. 'PATHINFO_EXTENSION' becomes 4
if (OPTS[quote_style[i]] === 0) {
noquotes = true;
} else if (OPTS[quote_style[i]]) {
optTemp = optTemp | OPTS[quote_style[i]];
}
}
quote_style = optTemp;
}
if (quote_style & OPTS.ENT_HTML_QUOTE_SINGLE) {
string = string.replace(/�*39;/g, "'"); // PHP doesn't currently escape if more than one 0, but it should
// string = string.replace(/'|�*27;/g, "'"); // This would also be useful here, but not a part of PHP
}
if (!noquotes) {
string = string.replace(/"/g, '"');
}
// Put this in last place to avoid escape being double-decoded
string = string.replace(/&/g, '&');
return string;
}
}
};