mirror of
https://github.com/silverstripe/silverstripe-userforms.git
synced 2024-10-22 17:05:42 +02:00
FIX Escape dollar signs in UserForm contents before inserting them with regex
This commit is contained in:
parent
722f9d3f82
commit
7edc058121
@ -411,7 +411,9 @@ class UserDefinedForm_Controller extends Page_Controller
|
|||||||
if ($this->Content && $form = $this->Form()) {
|
if ($this->Content && $form = $this->Form()) {
|
||||||
$hasLocation = stristr($this->Content, '$UserDefinedForm');
|
$hasLocation = stristr($this->Content, '$UserDefinedForm');
|
||||||
if ($hasLocation) {
|
if ($hasLocation) {
|
||||||
$content = preg_replace('/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i', $form->forTemplate(), $this->Content);
|
/** @see Requirements_Backend::escapeReplacement */
|
||||||
|
$formEscapedForRegex = addcslashes($form->forTemplate(), '\\$');
|
||||||
|
$content = preg_replace('/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i', $formEscapedForRegex, $this->Content);
|
||||||
return array(
|
return array(
|
||||||
'Content' => DBField::create_field('HTMLText', $content),
|
'Content' => DBField::create_field('HTMLText', $content),
|
||||||
'Form' => ""
|
'Form' => ""
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
<div class="$Class">
|
<div class="$Class">
|
||||||
<input id="$ID" class="checkbox" name="$Name" type="checkbox" value="$Value.ATT"<% if $isChecked %>
|
<input id="$ID" class="checkbox" name="$Name" type="checkbox" value="$Value.ATT"<% if $isChecked %>
|
||||||
checked="checked"<% end_if %><% if $isDisabled %> disabled="disabled"<% end_if %> />
|
checked="checked"<% end_if %><% if $isDisabled %> disabled="disabled"<% end_if %> />
|
||||||
<label for="$ID">$Title</label>
|
<label for="$ID">$Title.XML</label>
|
||||||
</div>
|
</div>
|
||||||
<% end_loop %>
|
<% end_loop %>
|
||||||
<% else %>
|
<% else %>
|
||||||
|
Loading…
Reference in New Issue
Block a user