mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Revert "Don't escape single quotes in alert templates so that we can compare strings in if statements"

Browse Source 
This reverts commit 124afc2054.
This commit is contained in:
Eldon Koyle
2016-03-07 16:12:57 -07:00
parent a3c4076aae
commit 94a182a396
1 changed files with 1 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
alerts.php
View File

@@ -359,18 +359,6 @@ function ExtTransports($obj) {
}//end ExtTransports()
/**
* Escape certain characters in template string
* @param string $tpl Template
* @return string
*/
function TplEscape($tpl) {
// theoretically like addslashes(), but don't escape single quote (') and do escape $
// FIXME: is there still a way to break out of the double-quoted string, maybe with a unicode char?
return preg_replace('(["\\\\$\\0])','\\0',$tpl);
}
/**
* Format Alert
* @param array $obj Alert-Array
@@ -378,7 +366,7 @@ function TplEscape($tpl) {
*/
function FormatAlertTpl($obj) {
$tpl = $obj["template"];
$msg = '$ret .= "'.str_replace(array('{else}', '{/if}', '{/foreach}'), array('"; } else { $ret .= "', '"; } $ret .= "', '"; } $ret .= "'), TplEscape($tpl)).'";';
$msg = '$ret .= "'.str_replace(array('{else}', '{/if}', '{/foreach}'), array('"; } else { $ret .= "', '"; } $ret .= "', '"; } $ret .= "'), addslashes($tpl)).'";';
$parsed = $msg;
$s = strlen($msg);
$x = $pos = -1;