fixed issue with calling functions insid an if conditional using the …

…templating syntax
hg9x · Oct 15, 2014 · b367cf1 · b367cf1
1 parent 0d727ad
commit b367cf1
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 2 deletions.
diff --git a/fuel/modules/fuel/helpers/MY_string_helper.php b/fuel/modules/fuel/helpers/MY_string_helper.php
@@ -266,10 +266,27 @@ function php_to_template_syntax($str)
 	$str = preg_replace_callback('#'.$l_delim.'(.+)(!)\s*?empty\((.+)\)#U', $callback, $str);
 
 	// remove paranthesis from within if conditional
-	$callback2 = create_function('$matches', 'return str_replace(array("(", ")"), array(" ", ""), $matches[0]);');
+	//$callback2 = create_function('$matches', 'return str_replace(array("(", ")"), array(" ", ""), $matches[0]);');
+	$callback2 = create_function('$matches', '
+		$CI =& get_instance();
+		$allowed_funcs = $CI->parser->allowed_functions();
+		$str = $matches[0];
+		$ldlim = "___<";
+		$rdlim = ">___";
+
+		// loop through all allowed function and escape any paranthis
+		foreach($allowed_funcs as $func)
+		{
+			$regex = "#(.*)".preg_quote($func)."\((.*)\)(.*)#U";
+			$str = preg_replace($regex, "$1".$func.$ldlim."$2".$rdlim."$3", $str);
+		}
+
+		// now replace any other paranthesis
+		$str = str_replace(array("(", ")"), array(" ", ""), $str);
+		$str = str_replace(array($ldlim, $rdlim), array("(", ")"), $str);
+		return $str;');
 
 	$str = preg_replace_callback('#'.$l_delim.'if.+'.$r_delim.'#U', $callback2, $str);
-
 	// fix arrays
 	$callback = create_function('$matches', '
 		if (strstr($matches[0], "=>"))

diff --git a/fuel/modules/fuel/libraries/MY_Parser.php b/fuel/modules/fuel/libraries/MY_Parser.php
@@ -337,6 +337,35 @@ public function _parse_compiled($string, $data, $return = FALSE, $cache_id = NUL
 	}
 
 	// --------------------------------------------------------------------
+
+
+	/**
+	 * Returns an array of allowed PHP functions
+	 *
+	 * @access	public
+	 * @return	array
+	 */
+	public function allowed_functions()
+	{
+		return $this->_parser_allowed_php_functions;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Returns an array of allowed PHP functions
+	 * 1 - Encode tags
+	 * 2 - Remove tags
+	 * 3 - Allow tags
+	 *
+	 * @access	public
+	 * @return	int
+	 */
+	public function allow_php_tags()
+	{
+		return $this->_parser_allow_php_tags;
+	}
+
 }
 
 class MY_Security_Policy extends Dwoo_Security_Policy {