smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-07 03:44:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

revert patch for secuity hole, update site url

Browse Source
This commit is contained in:
monte.ohrt
2008-09-22 15:29:16 +00:00
parent 1cfe2b63a1
commit 2e61902cdf
1 changed files with 1 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
libs/Smarty_Compiler.class.php
View File

@@ -18,10 +18,6 @@
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* For questions, help, comments, discussion, etc., please join the
* Smarty mailing list. Send a blank e-mail to
* smarty-discussion-subscribe@googlegroups.com
*
* @link http://www.smarty.net/
* @author Monte Ohrt <monte at ohrt dot com>
* @author Andrei Zmievski <andrei@php.net>
@@ -1708,10 +1704,7 @@ class Smarty_Compiler extends Smarty {
$_return = $var_expr;
}
// replace double quoted literal string with single quotes
// The follwoing line has been replaced to close a function injection security hole (U.Tews)
// $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return);
$_return = str_replace('"',"'",$_return);
$_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return);
return $_return;
}