mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

[ticket/11828] Fix greedy operators in lexer

Browse Source 
Use lazy operators and use stricter validation

PHPBB3-11828
This commit is contained in:
Nathan Guse
2013-09-12 14:15:41 -05:00
parent fc1dfd779d
commit 8c2f73bb09
3 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
phpBB/phpbb/template/twig/lexer.php
View File

@@ -75,7 +75,7 @@ class phpbb_template_twig_lexer extends Twig_Lexer
// Fix tokens that may have inline variables (e.g. <!-- DEFINE $TEST = '{FOO}')
$code = $this->fix_inline_variable_tokens(array(
'DEFINE.+=',
'DEFINE \$[a-zA-Z0-9]+ =',
'INCLUDE',
'INCLUDEPHP',
'INCLUDEJS',
@@ -240,7 +240,7 @@ class phpbb_template_twig_lexer extends Twig_Lexer
return "<!-- {$matches[1]}IF{$inner}-->";
};
return preg_replace_callback('#<!-- (ELSE)?IF((.*)[\s][\$|\.|!]([^\s]+)(.*))-->#', $callback, $code);
return preg_replace_callback('#<!-- (ELSE)?IF((.*?)[\s][\$|\.|!]([^\s]+)(.*?))-->#', $callback, $code);
}
/**
@@ -264,10 +264,10 @@ class phpbb_template_twig_lexer extends Twig_Lexer
*/
// Replace <!-- DEFINE $NAME with {% DEFINE definition.NAME
$code = preg_replace('#<!-- DEFINE \$(.*)-->#', '{% DEFINE $1 %}', $code);
$code = preg_replace('#<!-- DEFINE \$(.*?) -->#', '{% DEFINE $1 %}', $code);
// Changing UNDEFINE NAME to DEFINE NAME = null to save from creating an extra token parser/node
$code = preg_replace('#<!-- UNDEFINE \$(.*)-->#', '{% DEFINE $1= null %}', $code);
$code = preg_replace('#<!-- UNDEFINE \$(.*?)-->#', '{% DEFINE $1= null %}', $code);
// Replace all of our variables, {$VARNAME}, with Twig style, {{ definition.VARNAME }}
$code = preg_replace('#{\$([a-zA-Z0-9_\.]+)}#', '{{ definition.$1 }}', $code);