diff --git a/classes/template/TemplateHandler.class.php b/classes/template/TemplateHandler.class.php
index ed233dcf6..4f2920f00 100644
--- a/classes/template/TemplateHandler.class.php
+++ b/classes/template/TemplateHandler.class.php
@@ -293,6 +293,9 @@ class TemplateHandler
 		// prevent from calling directly before writing into file
 		$buff = '<?php if(!defined("__XE__"))exit;?>' . $buff;
 
+		// restore curly braces from temporary entities
+		$buff = self::_replaceTempEntities($buff);
+
 		// remove php script reopening
 		$buff = preg_replace(array('/(\n|\r\n)+/', '/(;)?( )*\?\>\<\?php([\n\t ]+)?/'), array("\n", ";\n"), $buff);
 
@@ -1100,7 +1103,7 @@ class TemplateHandler
 	 * Replace PHP variables of $ character
 	 * 
 	 * @param string $php
-	 * @return string $__Context->varname
+	 * @return string
 	 */
 	private static function _replaceVar($php)
 	{
@@ -1109,9 +1112,9 @@ class TemplateHandler
 			return '';
 		}
 		
-		// Replace some variables that need to be enclosed in curly braces.
+		// Replace variables that need to be enclosed in curly braces, using temporary entities to prevent double-replacement.
 		$php = preg_replace_callback('@(?<!\$__Context)->\$([a-z_][a-z0-9_]*)@i', function($matches) {
-			return '->{$__Context->' . $matches[1] . '}';
+			return '->' . self::_getTempEntityForChar('{') . '$__Context->' . $matches[1] . self::_getTempEntityForChar('}');
 		}, $php);
 		
 		// Replace all other variables with Context attributes.
@@ -1128,7 +1131,31 @@ class TemplateHandler
 		
 		return $php;
 	}
-
+	
+	/**
+	 * Replace temporary entities to curly braces.
+	 * 
+	 * @param string $str
+	 * @return string
+	 */
+	private static function _replaceTempEntities($str)
+	{
+		return strtr($str, [
+			'&#x1B;&#x7B;' => '{',
+			'&#x1B;&#x7D;' => '}',
+		]);
+	}
+	
+	/**
+	 * Get the temporary entity for a character.
+	 * 
+	 * @param string $char
+	 * @return string
+	 */
+	private static function _getTempEntityForChar($char)
+	{
+		return '&#x1B;&#x' . strtoupper(bin2hex($char)) . ';';
+	}
 }
 /* End of File: TemplateHandler.class.php */
 /* Location: ./classes/template/TemplateHandler.class.php */
diff --git a/tests/unit/classes/TemplateHandlerTest.php b/tests/unit/classes/TemplateHandlerTest.php
index 42f06be47..3dd3151f1 100644
--- a/tests/unit/classes/TemplateHandlerTest.php
+++ b/tests/unit/classes/TemplateHandlerTest.php
@@ -324,6 +324,14 @@ class TemplateHandlerTest extends \Codeception\TestCase\Test
             array(
                 '<!--@if($foo->$bar)--><div></div><!--@endif-->',
                 "\n" . 'if($__Context->foo->{$__Context->bar}){ ?><div></div><?php } ?>'
+            ),
+            array(
+                '<aside cond="$foo->$bar"><img src="" /></aside>',
+                "\n" . 'if($__Context->foo->{$__Context->bar}){ ?><aside><img src="" /></aside><?php } ?>'
+            ),
+            array(
+                '<ul loop="$foo->$bar => $key, $val" class="test"|cond="$foo->$key"><li>{$val}</li></ul>',
+                "\n" . '$__loop_tmp=$__Context->foo->{$__Context->bar};if($__loop_tmp)foreach($__loop_tmp as $__Context->key=>$__Context->val){ ?><ul<?php if($__Context->foo->{$__Context->key}){ ?> class="test"<?php } ?>><li><?php echo $__Context->val ?></li></ul><?php } ?>'
             ),
 			// Rhymix autoescape
             array(