$ord <= 0x1f &&
$chr !== "\t" &&
$chr !== "\n" &&
$chr !== "\r"
) || ($ord >= 0x7f &&
$ord <= 0x9f
) ) { return '�';
} /**
* Check if the current character to escape has a name entity we should
* replace it with while grabbing the integer value of the character.
*/
if (strlen($chr) > 1
) { $chr =
$this->
convertEncoding($chr, 'UTF-32BE', 'UTF-8'
);
} $hex =
bin2hex($chr);
$ord =
hexdec($hex);
if (isset(static::
$htmlNamedEntityMap[$ord])) { return '&' .
static::
$htmlNamedEntityMap[$ord] . ';';
} /**
* Per OWASP recommendations, we'll use upper hex entities
* for any other characters where a named entity does not exist.
*/