[Phplib-commit] CVS: php-lib/php/ext template.inc,1.5,1.6

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phplib/php-lib/php/ext
In directory usw-pr-cvs1:/tmp/cvs-serv28494

Modified Files:
	template.inc 
Log Message:
sync with -stable tree
 
Bug #542612
new method of preventing '\' stripping instead of nasty &#(36|92); hack
(by Scott Lahteine)

Index: template.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib/php/ext/template.inc,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** template.inc	10 Aug 2001 05:31:49 -0000	1.5
--- template.inc	25 Apr 2002 10:47:59 -0000	1.6
***************
*** 33,36 ****
--- 33,37 ----
   * '\n' was also being stripped. Fix by replacing with &#(36|92); in set_var and unreplacing in finish (rha)
   * in get_undefined, only match non-whitespace in variable tags as in finish. (Layne Weathers & rha)
+  * new method of preventing '\' stripping instead of nasty &#(36|92); hack (Scott Lahteine)
   *
   *
***************
*** 352,356 ****
            printf("<b>set_var:</b> (with scalar) <b>%s</b> = '%s'<br>\n", $varname, htmlentities($value));
          }
-         $value = preg_replace(array('/\$([0-9])/', '/\\\\([0-9])/'), array('&#36;\1', '&#92;\1'), $value);
          $this->varkeys[$varname] = "/".$this->varname($varname)."/";
          if ($append && isset($this->varvals[$varname])) {
--- 353,356 ----
***************
*** 367,371 ****
              printf("<b>set_var:</b> (with array) <b>%s</b> = '%s'<br>\n", $k, htmlentities($v));
            }
-           $v = preg_replace(array('/\$([0-9])/', '/\\\\([0-9])/'), array('&#36;\1', '&#92;\1'), $v);
            $this->varkeys[$k] = "/".$this->varname($k)."/";
            if ($append && isset($this->varvals[$k])) {
--- 367,370 ----
***************
*** 396,399 ****
--- 395,399 ----
    */
    function subst($varname) {
+     $varvals_quoted = array();
      if ($this->debug & 4) {
        echo "<p><b>subst:</b> varname = $varname</p>\n";
***************
*** 404,409 ****
      }
  
      $str = $this->get_var($varname);
!     $str = preg_replace($this->varkeys, $this->varvals, $str);
      return $str;
    }
--- 404,414 ----
      }
  
+     // quote the replacement strings to prevent bogus stripping of special chars
+     while(list($k, $v) = each($this->varvals)) {
+       $varvals_quoted[$k] = preg_quote($v);
+     }
+ 
      $str = $this->get_var($varname);
!     $str = preg_replace($this->varkeys, $varvals_quoted, $str);
      return $str;
    }
***************
*** 678,682 ****
      }
  
-     $str = preg_replace(array('/&#36;([0-9])/', '/&#92;([0-9])/'), array('$\1', '\\\1'), $str);
      return $str;
    }
--- 683,686 ----