diff options
| author | Matt Friedman <maf675@gmail.com> | 2015-01-29 01:41:28 -0800 |
|---|---|---|
| committer | Matt Friedman <maf675@gmail.com> | 2015-01-29 01:41:28 -0800 |
| commit | a62adfc1157d6b071f013f9a5f34ccc86ea39220 (patch) | |
| tree | 52be99a4d65d64699c26bd61c7b5ac5f20eff0b2 | |
| parent | fc412a97ca355b910d6b6e52d4b1a28d0e8ce2c8 (diff) | |
| download | forums-a62adfc1157d6b071f013f9a5f34ccc86ea39220.tar forums-a62adfc1157d6b071f013f9a5f34ccc86ea39220.tar.gz forums-a62adfc1157d6b071f013f9a5f34ccc86ea39220.tar.bz2 forums-a62adfc1157d6b071f013f9a5f34ccc86ea39220.tar.xz forums-a62adfc1157d6b071f013f9a5f34ccc86ea39220.zip | |
[ticket/10388] Use TWIG escape JS filter instead of addslashes
PHPBB3-10388
| -rw-r--r-- | phpBB/phpbb/template/twig/extension.php | 4 | ||||
| -rw-r--r-- | phpBB/phpbb/template/twig/lexer.php | 6 |
2 files changed, 5 insertions, 5 deletions
diff --git a/phpBB/phpbb/template/twig/extension.php b/phpBB/phpbb/template/twig/extension.php index 3a983491b9..2eb5370b59 100644 --- a/phpBB/phpbb/template/twig/extension.php +++ b/phpBB/phpbb/template/twig/extension.php @@ -71,7 +71,7 @@ class extension extends \Twig_Extension { return array( new \Twig_SimpleFilter('subset', array($this, 'loop_subset'), array('needs_environment' => true)), - new \Twig_SimpleFilter('addslashes', 'addslashes'), + new \Twig_SimpleFilter('addslashes', 'addslashes'), // Deprecate addslashes in phpBB 3.1.4 ); } @@ -177,7 +177,7 @@ class extension extends \Twig_Extension return $context_vars['L_' . $key]; } - // LA_ is transformed into lang(\'$1\')|addslashes, so we should not + // LA_ is transformed into lang(\'$1\')|escape('js'), so we should not // need to check for it return call_user_func_array(array($this->user, 'lang'), $args); diff --git a/phpBB/phpbb/template/twig/lexer.php b/phpBB/phpbb/template/twig/lexer.php index a7848738bb..f1542109a4 100644 --- a/phpBB/phpbb/template/twig/lexer.php +++ b/phpBB/phpbb/template/twig/lexer.php @@ -117,9 +117,9 @@ class lexer extends \Twig_Lexer // Appends any filters after lang() $code = preg_replace('#{L_([a-zA-Z0-9_\.]+)(\|[^}]+?)?}#', '{{ lang(\'$1\')$2 }}', $code); - // Replace all of our escaped language variables, {LA_VARNAME}, with Twig style, {{ lang('NAME')|addslashes }} - // Appends any filters after lang(), but before addslashes - $code = preg_replace('#{LA_([a-zA-Z0-9_\.]+)(\|[^}]+?)?}#', '{{ lang(\'$1\')$2|addslashes }}', $code); + // Replace all of our escaped language variables, {LA_VARNAME}, with Twig style, {{ lang('NAME')|escape('js') }} + // Appends any filters after lang(), but before escape('js') + $code = preg_replace('#{LA_([a-zA-Z0-9_\.]+)(\|[^}]+?)?}#', '{{ lang(\'$1\')$2|escape(\'js\') }}', $code); // Replace all of our variables, {VARNAME}, with Twig style, {{ VARNAME }} // Appends any filters |