diff options
| author | Marek A. R <aptx@phpbb.com> | 2008-07-28 15:01:06 +0000 |
|---|---|---|
| committer | Marek A. R <aptx@phpbb.com> | 2008-07-28 15:01:06 +0000 |
| commit | 8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2 (patch) | |
| tree | 9e260954993c01a58eeee4d3aa5a70a83c999f05 | |
| parent | 1b67e804224a4477031da03ff5108c621cf6d13b (diff) | |
| download | forums-8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2.tar forums-8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2.tar.gz forums-8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2.tar.bz2 forums-8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2.tar.xz forums-8c186d97c6a43f3fb71c2c5acb9fdd08f0c573e2.zip | |
- Make "<?" and/or "<%" in template files not break the compiled template.
- Enable <!-- PHP --> and <!-- INCLUDEPHP --> again.
git-svn-id: file:///svn/phpbb/trunk@8699 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/includes/functions_template.php | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/phpBB/includes/functions_template.php b/phpBB/includes/functions_template.php index 31cee929b2..7d9e37ff0d 100644 --- a/phpBB/includes/functions_template.php +++ b/phpBB/includes/functions_template.php @@ -74,11 +74,14 @@ class template_filter extends php_user_filter private function compile($data) { + $data = preg_replace('#<(?:[\\?%]|script)#s', '<?php echo\'\\0\';?>', $data); return str_replace('?><?php', '', preg_replace_callback($this->regex, array($this, 'replace'), $data)); } private function replace($matches) { + global $config; + if (isset($matches[3])) { return $this->compile_var_tags($matches[0]); @@ -129,14 +132,18 @@ class template_filter extends php_user_filter return '<?php ' . $this->compile_tag_include($matches[2]) . ' ?>'; break; -/* case 'INCLUDEPHP': - $this->compile_blocks[] = ($config['tpl_allow_php']) ? '<?php ' . $this->compile_tag_include_php(array_shift($includephp_blocks)) . ' ?>' : ''; + case 'INCLUDEPHP': + return ($config['tpl_allow_php']) ? '<?php ' . $this->compile_tag_include_php($matches[2]) . ' ?>' : ''; break; case 'PHP': - $this->compile_blocks[] = ($config['tpl_allow_php']) ? '<?php ' . array_shift($php_blocks) . ' ?>' : ''; + return ($config['tpl_allow_php']) ? '<?php ' : '<!-- '; break; -*/ + + case 'ENDPHP': + return ($config['tpl_allow_php']) ? ' ?>' : ' -->'; + break; + default: return $matches[0]; break; @@ -737,9 +744,9 @@ class template_compile return false; } - stream_filter_append($source_handle, 'template'); + @flock($destination_handle, LOCK_EX); - @flock($destination_handle); + stream_filter_append($source_handle, 'template'); stream_copy_to_stream($source_handle, $destination_handle); @fclose($source_handle); @@ -775,4 +782,4 @@ class template_compile } } -?> +?>
\ No newline at end of file |