You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The parser, as far as regards functions is doing a blacklist filter in all the function, the name, the content, ... . So some functions that can use words that are listed in the blacklist throw an exception.
Per example, the function gettext is used to do a i18n of the content and may use words like system, unlink,... and will throw the pertinent exception.
The method must filtrate the function name and not his content, i think.
Other problem may be the callback functions, but adding these to the blacklist should be ok to prevent any damage.
So i suggest change the line in the compileTemplate method, in parser class, refered to the function parser from: $this->blackList($parsedFunction);
to $this->blackList($function);
Please tell me if im wrong.
Thanks!!! :)
The text was updated successfully, but these errors were encountered:
The parser, as far as regards functions is doing a blacklist filter in all the function, the name, the content, ... . So some functions that can use words that are listed in the blacklist throw an exception.
Per example, the function gettext is used to do a i18n of the content and may use words like system, unlink,... and will throw the pertinent exception.
The method must filtrate the function name and not his content, i think.
Other problem may be the callback functions, but adding these to the blacklist should be ok to prevent any damage.
So i suggest change the line in the
compileTemplatemethod, in parser class, refered to the function parser from:$this->blackList($parsedFunction);to
$this->blackList($function);Please tell me if im wrong.
Thanks!!! :)
The text was updated successfully, but these errors were encountered: