[phpwiki-checkins] SF.net SVN: phpwiki:[7797] trunk/lib

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 7797
          http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7797&view=rev
Author:   vargenau
Date:     2010-12-21 13:23:45 +0000 (Tue, 21 Dec 2010)

Log Message:
-----------
Fix: Cannot call a template with double quotes - ID: 2094827

Modified Paths:
--------------
    trunk/lib/BlockParser.php
    trunk/lib/InlineParser.php
    trunk/lib/config.php
    trunk/lib/plugin/Template.php

Modified: trunk/lib/BlockParser.php
===================================================================

--- trunk/lib/BlockParser.php	2010-12-20 16:02:14 UTC (rev 7796)
+++ trunk/lib/BlockParser.php	2010-12-21 13:23:45 UTC (rev 7797)
@@ -1,7 +1,7 @@
 <?php // rcs_id('$Id$');
 /* Copyright (C) 2002 Geoffrey T. Dairiki <da...@da...>
  * Copyright (C) 2004,2005 Reini Urban
- * Copyright (C) 2008-2009 Marc-Etienne Vargenau, Alcatel-Lucent
+ * Copyright (C) 2008-2010 Marc-Etienne Vargenau, Alcatel-Lucent
  *
  * This file is part of PhpWiki.
  *
@@ -1174,6 +1174,11 @@
         }
 
         $pi = str_replace("\n", "", $pi);
+
+        // The argument value might contain a double quote (")
+        // We have to encode that.
+        $pi = htmlspecialchars($pi);
+
         $vars = '';
 
         if (preg_match('/^(\S+?)\|(.*)$/', $pi, $_m)) {

Modified: trunk/lib/InlineParser.php
===================================================================
--- trunk/lib/InlineParser.php	2010-12-20 16:02:14 UTC (rev 7796)
+++ trunk/lib/InlineParser.php	2010-12-21 13:23:45 UTC (rev 7797)
@@ -1084,6 +1084,11 @@
         }
 
         $page = str_replace("\n", "", $page);
+
+        // The argument value might contain a double quote (")
+        // We have to encode that.
+        $page = htmlspecialchars($page);
+
         $vars = '';
 
         if (preg_match('/^(\S+?)\|(.*)$/', $page, $_m)) {

Modified: trunk/lib/config.php
===================================================================
--- trunk/lib/config.php	2010-12-20 16:02:14 UTC (rev 7796)
+++ trunk/lib/config.php	2010-12-21 13:23:45 UTC (rev 7797)
@@ -335,6 +335,15 @@
   }
 }
 
+// htmlspecialchars_decode exists for PHP >= 5.1
+if (!function_exists('htmlspecialchars_decode')) {
+
+  function htmlspecialchars_decode($text) {
+      return strtr($text, array_flip(get_html_translation_table(HTML_SPECIALCHARS)));
+  }
+
+}
+
 /**
  * safe php4 definition for clone.
  * php5 copies objects by reference, but we need to clone "deep copy" in some places.

Modified: trunk/lib/plugin/Template.php
===================================================================
--- trunk/lib/plugin/Template.php	2010-12-20 16:02:14 UTC (rev 7796)
+++ trunk/lib/plugin/Template.php	2010-12-21 13:23:45 UTC (rev 7797)
@@ -2,7 +2,7 @@
 // rcs_id('$Id$');
 /*
  * Copyright 2005,2007 $ThePhpWikiProgrammingTeam
- * Copyright 2008-2009 Marc-Etienne Vargenau, Alcatel-Lucent
+ * Copyright 2008-2010 Marc-Etienne Vargenau, Alcatel-Lucent
  *
  * This file is part of PhpWiki.
  *
@@ -253,8 +253,9 @@
                 $var['BASE_URL'] = PHPWIKI_BASE_URL;
 
             foreach ($var as $key => $val) {
-                //$content = preg_replace("/%%".preg_quote($key,"/")."%%/", $val, $content);
-                $content = str_replace("%%".$key."%%", $val, $content);
+                // We have to decode the double quotes that have been encoded
+                // in inline or block parser.
+                $content = str_replace("%%".$key."%%", htmlspecialchars_decode($val), $content);
             }
         }
         return $content;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


