smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-07 11:54:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixed proper escaping for literal strings passed to

Browse Source 
Smarty_Compiler::_expand_quoted_text() by
Smarty_Compiler::_parse_var_props()
This commit is contained in:
messju
2005-08-04 19:43:21 +00:00
parent f96326d4a9
commit 986640555a
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@@ -1,3 +1,5 @@
- fix proper escaping for literal strings in
Smarty_Compiler::_parse_var_props() (boots, messju)
- remove ambiguity for numeric values passed to smarty_make_timestamp() - remove ambiguity for numeric values passed to smarty_make_timestamp()
(and thus the date_format modifier). numeric values are treated as (and thus the date_format modifier). numeric values are treated as
timestamps now. (andreas, messju) timestamps now. (andreas, messju)

2
libs/Smarty_Compiler.class.php
View File

@@ -1650,7 +1650,7 @@ class Smarty_Compiler extends Smarty {
} }
elseif(!in_array($val, $this->_permitted_tokens) && !is_numeric($val)) { elseif(!in_array($val, $this->_permitted_tokens) && !is_numeric($val)) {
// literal string // literal string
return $this->_expand_quoted_text('"' . $val .'"'); return $this->_expand_quoted_text('"' . strtr($val, array('\\' => '\\\\', '"' => '\\"')) .'"');
} }
return $val; return $val;
} }