From 986640555a0c9f9743b822f70491f6c9374352c9 Mon Sep 17 00:00:00 2001
From: messju <messju@localhost>
Date: Thu, 4 Aug 2005 19:43:21 +0000
Subject: [PATCH] fixed proper escaping for literal strings passed to
 Smarty_Compiler::_expand_quoted_text() by Smarty_Compiler::_parse_var_props()

---
 NEWS                           | 2 ++
 libs/Smarty_Compiler.class.php | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index d8dc1ac6..8fb89ec7 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,5 @@
+  - fix proper escaping for literal strings in
+    Smarty_Compiler::_parse_var_props() (boots, messju)
   - remove ambiguity for numeric values passed to smarty_make_timestamp()
     (and thus the date_format modifier). numeric values are treated as
     timestamps now. (andreas, messju)
diff --git a/libs/Smarty_Compiler.class.php b/libs/Smarty_Compiler.class.php
index 47e17d8a..ad91fb3c 100644
--- a/libs/Smarty_Compiler.class.php
+++ b/libs/Smarty_Compiler.class.php
@@ -1650,7 +1650,7 @@ class Smarty_Compiler extends Smarty {
             }
         elseif(!in_array($val, $this->_permitted_tokens) && !is_numeric($val)) {
             // literal string
-            return $this->_expand_quoted_text('"' . $val .'"');
+            return $this->_expand_quoted_text('"' . strtr($val, array('\\' => '\\\\', '"' => '\\"')) .'"');
         }
         return $val;
     }