From 1d36f354e8349616c7b39fcade859fbcf0f9c362 Mon Sep 17 00:00:00 2001
From: Gregory Smirnov <gregory.smirnov@hlm.com>
Date: Mon, 24 Apr 2017 21:53:20 +0200
Subject: [PATCH 1/4] FIX Create Image_Cached with Injector.

---
 model/Image.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/model/Image.php b/model/Image.php
index 1003e4f87..433e00863 100644
--- a/model/Image.php
+++ b/model/Image.php
@@ -727,7 +727,7 @@ class Image extends File implements Flushable {
 				call_user_func_array(array($this, "generateFormattedImage"), $args);
 			}
 
-			$cached = new Image_Cached($cacheFile, false, $this);
+			$cached = Injector::inst()->createWithArgs('Image_Cached', array($cacheFile, false, $this));
 			return $cached;
 		}
 	}

From a511e3511cace405dab7589a3406a0858cb6edf2 Mon Sep 17 00:00:00 2001
From: Patrick Nelson <patnelson@ebay.com>
Date: Fri, 28 Apr 2017 01:32:18 -0700
Subject: [PATCH 2/4] FIX #6855: Mangled JS in Requirements, escaping
 replacement values prior to passing to preg_replace().

---
 view/Requirements.php | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/view/Requirements.php b/view/Requirements.php
index 4b1bd7b33..971b943e4 100644
--- a/view/Requirements.php
+++ b/view/Requirements.php
@@ -869,10 +869,10 @@ class Requirements_Backend {
 
 				// Forcefully put the scripts at the bottom of the body instead of before the first
 				// script tag.
-				$replacements["/(<\/body[^>]*>)/i"] = $jsRequirements . "\\1";
+				$replacements["/(<\/body[^>]*>)/i"] = $this->escapeReplacement($jsRequirements) . "\\1";
 
 				// Put CSS at the bottom of the head
-				$replacements["/(<\/head>)/i"] = $requirements . "\\1";
+				$replacements["/(<\/head>)/i"] = $this->escapeReplacement($requirements) . "\\1";
 			} elseif ($this->write_js_to_body) {
 				$jsRequirements = $this->removeNewlinesFromCode($jsRequirements);
 
@@ -894,14 +894,14 @@ class Requirements_Backend {
 				if ($canWriteToBody) {
 					$content = substr($content, 0, $p1) . $jsRequirements . substr($content, $p1);
 				} else {
-					$replacements["/(<\/body[^>]*>)/i"] = $jsRequirements . "\\1";
+					$replacements["/(<\/body[^>]*>)/i"] = $this->escapeReplacement($jsRequirements) . "\\1";
 				}
 
 				// Put CSS at the bottom of the head
-				$replacements["/(<\/head>)/i"] = $requirements . "\\1";
+				$replacements["/(<\/head>)/i"] = $this->escapeReplacement($requirements) . "\\1";
 			} else {
 				// Put CSS and Javascript together before the closing head tag
-				$replacements["/(<\/head>)/i"] = $requirements . $jsRequirements. "\\1";
+				$replacements["/(<\/head>)/i"] = $this->escapeReplacement($requirements . $jsRequirements) . "\\1";
 			}
 
 			if (!empty($replacements)) {
@@ -923,6 +923,16 @@ class Requirements_Backend {
 		return preg_replace('/>\n*/', '>', $code);
 	}
 
+	/**
+	 * Safely escape a literal string for use in preg_replace replacement
+	 *
+	 * @param string $replacement
+	 * @return string
+	 */
+	protected function escapeReplacement($replacement) {
+		return addcslashes($replacement, '\\$');
+	}
+
 	/**
 	 * Attach requirements inclusion to X-Include-JS and X-Include-CSS headers on the given
 	 * HTTP Response

From 2187c160b936620621fe746a1ffe36af568b21ff Mon Sep 17 00:00:00 2001
From: 3Dgoo <michael@3dgoo.com>
Date: Wed, 3 May 2017 06:23:47 +0930
Subject: [PATCH 3/4] Fixing pagination api doc typo

---
 core/PaginatedList.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/PaginatedList.php b/core/PaginatedList.php
index a332f57c8..5a655cd86 100644
--- a/core/PaginatedList.php
+++ b/core/PaginatedList.php
@@ -270,7 +270,7 @@ class PaginatedList extends SS_ListDecorator {
 	 * </code>
 	 *
 	 * @param  int $context The number of pages to display around the current
-	 *         page. The number should be event, as half the number of each pages
+	 *         page. The number should be even, as half the number of each pages
 	 *         are displayed on either side of the current one.
 	 * @return SS_List
 	 */

From 2d138b0ef06bd93958cc0678a0afa95560648fb9 Mon Sep 17 00:00:00 2001
From: Gregory Smirnov <gregory.smirnov@hlm.com>
Date: Wed, 3 May 2017 09:10:40 +0200
Subject: [PATCH 4/4] Fix class name reference consistency

---
 core/Object.php | 49 ++++++++++++++++++++++++++-----------------------
 1 file changed, 26 insertions(+), 23 deletions(-)

diff --git a/core/Object.php b/core/Object.php
index 8d6c0b41b..660a1d328 100755
--- a/core/Object.php
+++ b/core/Object.php
@@ -726,16 +726,17 @@ abstract class Object {
 	 * @return mixed
 	 */
 	public function __call($method, $arguments) {
+		$class = get_class($this);
 		// If the method cache was cleared by an an Object::add_extension() / Object::remove_extension()
 		// call, then we should rebuild it.
-		if(empty(self::$extra_methods[get_class($this)])) {
+		if(empty(self::$extra_methods[$class])) {
 			$this->defineMethods();
 		}
 
 		$method = strtolower($method);
 
-		if(isset(self::$extra_methods[$this->class][$method])) {
-			$config = self::$extra_methods[$this->class][$method];
+		if(isset(self::$extra_methods[$class][$method])) {
+			$config = self::$extra_methods[$class][$method];
 
 			switch(true) {
 				case isset($config['property']) :
@@ -752,11 +753,11 @@ abstract class Object {
 
 					if($this->destroyed) {
 						throw new Exception (
-							"Object->__call(): attempt to call $method on a destroyed $this->class object"
+							"Object->__call(): attempt to call $method on a destroyed $class object"
 						);
 					} else {
 						throw new Exception (
-							"Object->__call(): $this->class cannot pass control to $config[property]($config[index])."
+							"Object->__call(): $class cannot pass control to $config[property]($config[index])."
 								. ' Perhaps this object was mistakenly destroyed?'
 						);
 					}
@@ -770,13 +771,12 @@ abstract class Object {
 
 				default :
 					throw new Exception (
-						"Object->__call(): extra method $method is invalid on $this->class:"
+						"Object->__call(): extra method $method is invalid on $class:"
 							. var_export($config, true)
 					);
 			}
 		} else {
 			// Please do not change the exception code number below.
-			$class = get_class($this);
 			throw new Exception("Object->__call(): the method '$method' does not exist on '$class', or the method is not public.", 2175);
 		}
 	}
@@ -793,7 +793,7 @@ abstract class Object {
 	 * @return bool
 	 */
 	public function hasMethod($method) {
-		return method_exists($this, $method) || isset(self::$extra_methods[$this->class][strtolower($method)]);
+		return method_exists($this, $method) || isset(self::$extra_methods[get_class($this)][strtolower($method)]);
 	}
 
 	/**
@@ -803,14 +803,15 @@ abstract class Object {
 	 * @return array
 	 */
 	public function allMethodNames($custom = false) {
-		if(!isset(self::$built_in_methods[$this->class])) {
-			self::$built_in_methods[$this->class] = array_map('strtolower', get_class_methods($this));
+		$class = get_class($this);
+		if(!isset(self::$built_in_methods[$class])) {
+			self::$built_in_methods[$class] = array_map('strtolower', get_class_methods($this));
 		}
 
-		if($custom && isset(self::$extra_methods[$this->class])) {
-			return array_merge(self::$built_in_methods[$this->class], array_keys(self::$extra_methods[$this->class]));
+		if($custom && isset(self::$extra_methods[$class])) {
+			return array_merge(self::$built_in_methods[$class], array_keys(self::$extra_methods[$class]));
 		} else {
-			return self::$built_in_methods[$this->class];
+			return self::$built_in_methods[$class];
 		}
 	}
 
@@ -826,11 +827,12 @@ abstract class Object {
 			$this->addMethodsFrom('extension_instances', $key);
 		}
 
-		if(isset($_REQUEST['debugmethods']) && isset(self::$built_in_methods[$this->class])) {
+		$class = get_class($this);
+		if(isset($_REQUEST['debugmethods']) && isset(self::$built_in_methods[$class])) {
 			Debug::require_developer_login();
 
-			echo '<h2>Methods defined on ' . $this->class . '</h2><ul>';
-			foreach(self::$built_in_methods[$this->class] as $method) {
+			echo "<h2>Methods defined on $class</h2><ul>";
+			foreach(self::$built_in_methods[$class] as $method) {
 				echo "<li>$method</li>";
 			}
 			echo '</ul>';
@@ -844,11 +846,12 @@ abstract class Object {
 	 * @param string|int $index an index to use if the property is an array
 	 */
 	protected function addMethodsFrom($property, $index = null) {
+		$class = get_class($this);
 		$extension = ($index !== null) ? $this->{$property}[$index] : $this->$property;
 
 		if(!$extension) {
 			throw new InvalidArgumentException (
-				"Object->addMethodsFrom(): could not add methods from {$this->class}->{$property}[$index]"
+				"Object->addMethodsFrom(): could not add methods from {$class}->{$property}[$index]"
 			);
 		}
 
@@ -873,11 +876,11 @@ abstract class Object {
 
 			$newMethods = array_fill_keys($methods, $methodInfo);
 
-			if(isset(self::$extra_methods[$this->class])) {
-				self::$extra_methods[$this->class] =
-					array_merge(self::$extra_methods[$this->class], $newMethods);
+			if(isset(self::$extra_methods[$class])) {
+				self::$extra_methods[$class] =
+					array_merge(self::$extra_methods[$class], $newMethods);
 			} else {
-				self::$extra_methods[$this->class] = $newMethods;
+				self::$extra_methods[$class] = $newMethods;
 			}
 		}
 	}
@@ -890,7 +893,7 @@ abstract class Object {
 	 * @param string $wrap the method name to wrap to
 	 */
 	protected function addWrapperMethod($method, $wrap) {
-		self::$extra_methods[$this->class][strtolower($method)] = array (
+		self::$extra_methods[get_class($this)][strtolower($method)] = array (
 			'wrap'   => $wrap,
 			'method' => $method
 		);
@@ -905,7 +908,7 @@ abstract class Object {
 	 *        function
 	 */
 	protected function createMethod($method, $code) {
-		self::$extra_methods[$this->class][strtolower($method)] = array (
+		self::$extra_methods[get_class($this)][strtolower($method)] = array (
 			'function' => create_function('$obj, $args', $code)
 		);
 	}