mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-11 22:08:54 +00:00
[ticket/11828] Fix greedy operators in lexer
Use lazy operators and use stricter validation PHPBB3-11828
This commit is contained in:
Nathan Guse
parent
fc1dfd779d
commit
8c2f73bb09
3 changed files with 6 additions and 5 deletions
|
|
@ -75,7 +75,7 @@ class phpbb_template_twig_lexer extends Twig_Lexer
|
||||||
|
|
||||||
// Fix tokens that may have inline variables (e.g. <!-- DEFINE $TEST = '{FOO}')
|
// Fix tokens that may have inline variables (e.g. <!-- DEFINE $TEST = '{FOO}')
|
||||||
$code = $this->fix_inline_variable_tokens(array(
|
$code = $this->fix_inline_variable_tokens(array(
|
||||||
'DEFINE.+=',
|
'DEFINE \$[a-zA-Z0-9]+ =',
|
||||||
'INCLUDE',
|
'INCLUDE',
|
||||||
'INCLUDEPHP',
|
'INCLUDEPHP',
|
||||||
'INCLUDEJS',
|
'INCLUDEJS',
|
||||||
|
|
@ -240,7 +240,7 @@ class phpbb_template_twig_lexer extends Twig_Lexer
|
||||||
return "<!-- {$matches[1]}IF{$inner}-->";
|
return "<!-- {$matches[1]}IF{$inner}-->";
|
||||||
};
|
};
|
||||||
|
|
||||||
return preg_replace_callback('#<!-- (ELSE)?IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code);
|
return preg_replace_callback('#<!-- (ELSE)?IF((.*?)[\s][\$|\.|!]([^\s]+)(.*?))-->#', $callback, $code);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -264,10 +264,10 @@ class phpbb_template_twig_lexer extends Twig_Lexer
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// Replace <!-- DEFINE $NAME with {% DEFINE definition.NAME
|
// Replace <!-- DEFINE $NAME with {% DEFINE definition.NAME
|
||||||
$code = preg_replace('#<!-- DEFINE \$(.*)-->#', '{% DEFINE $1 %}', $code);
|
$code = preg_replace('#<!-- DEFINE \$(.*?) -->#', '{% DEFINE $1 %}', $code);
|
||||||
|
|
||||||
// Changing UNDEFINE NAME to DEFINE NAME = null to save from creating an extra token parser/node
|
// Changing UNDEFINE NAME to DEFINE NAME = null to save from creating an extra token parser/node
|
||||||
$code = preg_replace('#<!-- UNDEFINE \$(.*)-->#', '{% DEFINE $1= null %}', $code);
|
$code = preg_replace('#<!-- UNDEFINE \$(.*?)-->#', '{% DEFINE $1= null %}', $code);
|
||||||
|
|
||||||
// Replace all of our variables, {$VARNAME}, with Twig style, {{ definition.VARNAME }}
|
// Replace all of our variables, {$VARNAME}, with Twig style, {{ definition.VARNAME }}
|
||||||
$code = preg_replace('#{\$([a-zA-Z0-9_\.]+)}#', '{{ definition.$1 }}', $code);
|
$code = preg_replace('#{\$([a-zA-Z0-9_\.]+)}#', '{{ definition.$1 }}', $code);
|
||||||
|
|
|
||||||
|
|
@ -158,7 +158,7 @@ class phpbb_template_template_test extends phpbb_template_template_test_case
|
||||||
array(),
|
array(),
|
||||||
array('test_loop' => array(array(), array(), array(), array(), array(), array(), array()), 'test' => array(array()), 'test.deep' => array(array()), 'test.deep.defines' => array(array())),
|
array('test_loop' => array(array(), array(), array(), array(), array(), array(), array()), 'test' => array(array()), 'test.deep' => array(array()), 'test.deep.defines' => array(array())),
|
||||||
array(),
|
array(),
|
||||||
"xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?\n[]",
|
"xyz\nabc\n\$VALUE == 'abc'abc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?\n[]|foobar|",
|
||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'define_advanced.html',
|
'define_advanced.html',
|
||||||
|
|
|
||||||
|
|
@ -16,3 +16,4 @@ $VALUE == 'abc'
|
||||||
{$VALUE}
|
{$VALUE}
|
||||||
<!-- DEFINE $VALUE = '' -->
|
<!-- DEFINE $VALUE = '' -->
|
||||||
[{$VALUE}]
|
[{$VALUE}]
|
||||||
|
<!-- DEFINE $TEST -->foobar<!-- ENDDEFINE -->|{$TEST}|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue