smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-02 17:34:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix incorrect compilation of expressions when escape_html=true

Browse Source 
Fixes #930
This commit is contained in:
Simon Wisselink
2024-02-05 14:13:37 +01:00
parent e0cbbdf6ea
commit 0141cdeef9
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -9,6 +9,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
- PHP8.3 support [#925](https://github.com/smarty-php/smarty/issues/925)
### Fixed
- Incorrect compilation of expressions when escape_html=true [#930](https://github.com/smarty-php/smarty/pull/930)
## [4.3.4] - 2023-09-14
## [4.3.3] - 2023-09-14

2
libs/sysplugins/smarty_internal_compile_private_print_expression.php
View File

@@ -93,7 +93,7 @@ class Smarty_Internal_Compile_Private_Print_Expression extends Smarty_Internal_C
}
// autoescape html
if ($compiler->template->smarty->escape_html) {
$output = "htmlspecialchars((string) {$output}, ENT_QUOTES, '" . addslashes(Smarty::$_CHARSET) . "')";
$output = "htmlspecialchars((string) ({$output}), ENT_QUOTES, '" . addslashes(Smarty::$_CHARSET) . "')";
}
// loop over registered filters
if (!empty($compiler->template->smarty->registered_filters[ Smarty::FILTER_VARIABLE ])) {