fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 03:32:00 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix autoescape problems

Browse source 
- 삼항식 사용시 autoescape 우선순위가 꼬이는 문제 수정
- $lang 변수는 autoescape하지 않도록 변경
- ENT_COMPAT을 ENT_QUOTES로 변경 (자바스크립트에서 사용시 '홑따옴표' 이탈 방지)
This commit is contained in:
Kijin Sung 2018-10-10 14:43:43 +09:00
parent 254b83dfd7
commit 6abd345dcf
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
classes/template/TemplateHandler.class.php
View file

@ -557,6 +557,10 @@ class TemplateHandler
{ {
$escape_option = 'noescape'; $escape_option = 'noescape';
} }
elseif(preg_match('/^\$(?:user_)?lang->[a-zA-Z0-9\_]+$/', $m[1]))
{
$escape_option = 'noescape';
}
else else
{ {
$escape_option = $this->config->autoescape !== null ? 'auto' : 'noescape'; $escape_option = $this->config->autoescape !== null ? 'auto' : 'noescape';
@ -894,14 +898,14 @@ class TemplateHandler
switch($escape_option) switch($escape_option)
{ {
case 'escape': case 'escape':
return "htmlspecialchars({$str}, ENT_COMPAT, 'UTF-8', true)"; return "htmlspecialchars({$str}, ENT_QUOTES, 'UTF-8', true)";
case 'noescape': case 'noescape':
return "{$str}"; return "{$str}";
case 'autoescape': case 'autoescape':
return "htmlspecialchars({$str}, ENT_COMPAT, 'UTF-8', false)"; return "htmlspecialchars({$str}, ENT_QUOTES, 'UTF-8', false)";
case 'auto': case 'auto':
default: default:
return "(\$this->config->autoescape === 'on' ? htmlspecialchars({$str}, ENT_COMPAT, 'UTF-8', false) : {$str})"; return "(\$this->config->autoescape === 'on' ? htmlspecialchars({$str}, ENT_QUOTES, 'UTF-8', false) : ({$str}))";
} }
} }