Cutelee  6.1.0
Classes | Public Types | Public Member Functions | List of all members
Cutelee::SafeString Class Reference

A QString wrapper class for containing whether a string is safe or needs to be escaped. More...

#include <cutelee/safestring.h>

Classes

class  NestedString
 The NestedString is a QString whose methods always return a SafeString. More...
 

Public Types

enum  Safety { IsSafe , IsNotSafe }
 

Public Member Functions

 SafeString ()
 
 SafeString (const QString &str, bool safe)
 
 SafeString (const QString &str, Safety safety=IsNotSafe)
 
 SafeString (const SafeString &safeString)
 
 ~SafeString ()
 
NestedStringget ()
 
const NestedStringget () const
 
bool isSafe () const
 
bool needsEscape () const
 
 operator QString () const
 
 operator QVariant () const
 
SafeString operator+ (const QString &str)
 
SafeString operator+ (const SafeString &str)
 
SafeStringoperator+= (const QString &str)
 
SafeStringoperator+= (const SafeString &str)
 
SafeStringoperator= (const SafeString &str)
 
bool operator== (const QString &other) const
 
bool operator== (const SafeString &other) const
 

Detailed Description

This allows lazy escaping of strings. Otherwise a string may be escaped multiple times where it should only be escaped once.

The SafeString class itself provides information about whether a string is safe from further escaping through the isSafe method. The actual string content held by the SafeString instance is available through the get method. The get method returns a QString subclass which should be used like any other QString. The difference is that all methods on NestedString return a SafeString instead of a QString.

SafeString s("this & that", SafeString::IsSafe);
s.get().replace( "this", "these" ).toUpper();
qDebug() << s.get() << s.isSafe(); // outputs "these & that" false
@ IsSafe
The string is safe and requires no further escaping.
Definition: safestring.h:98

Note that most operations on strings make the string unsafe. For example, while "K &amp; R" is safe, using replace("m", "n") will result in "K &anp; R", which is unsafe. Likewise using upper() will return "K &AMP; R", which is unsafe. Because the SafeString can not determine whether a method call with particular arguments will change a SafeString from being safe to being unsafe, any operation which can possibly make the string unsafe does cause the string to become unsafe. It is then up to the caller to restore safe-ness if needed.

NestedString has overloads for SafeStrings whereever appropriate so that strings remain marked as safe where possible.

For example:

SafeString s1("this & that", SafeString::IsSafe);
s2 = s1;
s1.append( QString( " & the other" ) );
// s1 is now "this & that & the other" and is unsafe.
SafeString s3(" Wobl & Bob", SafeString::IsSafe);
s2.append(s3);
// Both s2 and s3 are safe, and append is a safe operation, so s2
// is still safe
See also
Autoescaping and safe-ness
OutputStream::escape

The SafeString class has appropriate operator overloads to make it convenient to use in methods returning a QVariant, such as Filter::doFilter, or as a QString. Note that a raw QString is essentially the same as a SafeString which is marked as unsafe.

Author
Stephen Kelly steve.nosp@m.ire@.nosp@m.gmail.nosp@m..com

Definition at line 91 of file safestring.h.

Member Enumeration Documentation

◆ Safety

Possible safety states of a SafeString

Enumerator
IsSafe 

The string is safe and requires no further escaping.

IsNotSafe 

The string is not safe. It will be escaped before being added to the output of rendering.

Definition at line 97 of file safestring.h.

Constructor & Destructor Documentation

◆ SafeString() [1/4]

SafeString::SafeString ( )

Constructs an empty SafeString.

Definition at line 27 of file safestring.cpp.

Referenced by operator+().

◆ SafeString() [2/4]

SafeString::SafeString ( const SafeString safeString)

Copy constructor

Definition at line 32 of file safestring.cpp.

◆ SafeString() [3/4]

SafeString::SafeString ( const QString str,
bool  safe 
)

Constructs a SafeString with the content str whose safety is given by safe.

Definition at line 38 of file safestring.cpp.

◆ SafeString() [4/4]

SafeString::SafeString ( const QString str,
Safety  safety = IsNotSafe 
)

Constructs a SafeString with the content str whose safety is given by safety.

Definition at line 44 of file safestring.cpp.

◆ ~SafeString()

SafeString::~SafeString ( )

Destructor

Definition at line 49 of file safestring.cpp.

Member Function Documentation

◆ get() [1/2]

NestedString& Cutelee::SafeString::get ( )
inline

Returns the String held by this SafeString

Definition at line 345 of file safestring.h.

◆ get() [2/2]

const NestedString& Cutelee::SafeString::get ( ) const
inline

◆ isSafe()

bool SafeString::isSafe ( ) const

◆ needsEscape()

bool SafeString::needsEscape ( ) const

Whether the string needs to be escaped.

Definition at line 56 of file safestring.cpp.

Referenced by Cutelee::markForEscaping(), and Cutelee::OutputStream::operator<<().

◆ operator QString()

Cutelee::SafeString::operator QString ( ) const
inline

Convenience operator for treating a SafeString like a QString.

Definition at line 350 of file safestring.h.

◆ operator QVariant()

Cutelee::SafeString::operator QVariant ( ) const
inline

Convenience operator for storing a SafeString in a QVariant.

Definition at line 402 of file safestring.h.

◆ operator+() [1/2]

SafeString SafeString::operator+ ( const QString str)

Returns a concatenation of this with str.

The result is not safe because str is not safe.

Definition at line 87 of file safestring.cpp.

References SafeString(), and IsNotSafe.

◆ operator+() [2/2]

SafeString SafeString::operator+ ( const SafeString str)

Returns a concatenation of this with str.

The result is safe if both this and str are safe.

Definition at line 92 of file safestring.cpp.

References SafeString(), get(), IsNotSafe, and isSafe().

◆ operator+=() [1/2]

SafeString & SafeString::operator+= ( const QString str)

Appends the content of str to this.

The result is not safe because str is not safe.

Definition at line 103 of file safestring.cpp.

References IsNotSafe.

◆ operator+=() [2/2]

SafeString & SafeString::operator+= ( const SafeString str)

Appends the content of str to this.

The result is safe if both this and str are safe.

Definition at line 111 of file safestring.cpp.

References get(), IsNotSafe, and isSafe().

◆ operator=()

SafeString & SafeString::operator= ( const SafeString str)

Assignment operator.

Definition at line 76 of file safestring.cpp.

◆ operator==() [1/2]

bool SafeString::operator== ( const QString other) const

Returns true if the content of other matches the content of this.

Safeness and needing escaping are not accounted for in the comparison.

Definition at line 127 of file safestring.cpp.

◆ operator==() [2/2]

bool SafeString::operator== ( const SafeString other) const

Returns true if the content of other matches the content of this.

Safeness and needing escaping are not accounted for in the comparison.

Definition at line 120 of file safestring.cpp.

References get().