PHP 8.1: fix deprecation in escape modifier

author: Libor M <liborm85@gmail.com> 2022-02-08 13:30:19 +0100
committer: Libor M <liborm85@gmail.com> 2022-02-08 13:30:19 +0100
commit: a2e1df17688de1f5e6ff4043abd2b1d47ac34734 (patch)
tree: 398fa90f053ebe6ca28971cd5fd48e463b5ed7f6 /libs
parent: 50c4604857c4dbe073707a85ed021758cd846ff5 (diff)
download: smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.tar.gz
smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.tar.bz2
smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.zip
2 files changed, 13 insertions, 10 deletions
diff --git a/libs/plugins/modifier.escape.php b/libs/plugins/modifier.escape.php
index 47489aa9..3ce48382 100644
--- a/libs/plugins/modifier.escape.php
+++ b/libs/plugins/modifier.escape.php
@@ -29,6 +29,9 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $
     if (!$char_set) {
         $char_set = Smarty::$_CHARSET;
     }
+
+    $string = (string)$string;
+
     switch ($esc_type) {
         case 'html':
             if ($_double_encode) {
diff --git a/libs/plugins/modifiercompiler.escape.php b/libs/plugins/modifiercompiler.escape.php
index 70b95cc9..1fc5e781 100644
--- a/libs/plugins/modifiercompiler.escape.php
+++ b/libs/plugins/modifiercompiler.escape.php
@@ -42,10 +42,10 @@ function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompile
         switch ($esc_type) {
             case 'html':
                 if ($_double_encode) {
-                    return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+                    return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
                            var_export($double_encode, true) . ')';
                 } elseif ($double_encode) {
-                    return 'htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
+                    return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
                 } else {
                     // fall back to modifier.escape.php
                 }
@@ -54,12 +54,12 @@ function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompile
                 if (Smarty::$_MBSTRING) {
                     if ($_double_encode) {
                         // php >=5.2.3 - go native
-                        return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' .
+                        return 'mb_convert_encoding(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
                                var_export($char_set, true) . ', ' . var_export($double_encode, true) .
                                '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
                     } elseif ($double_encode) {
                         // php <5.2.3 - only handle double encoding
-                        return 'mb_convert_encoding(htmlspecialchars(' . $params[ 0 ] . ', ENT_QUOTES, ' .
+                        return 'mb_convert_encoding(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
                                var_export($char_set, true) . '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
                     } else {
                         // fall back to modifier.escape.php
@@ -68,26 +68,26 @@ function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompile
                 // no MBString fallback
                 if ($_double_encode) {
                     // php >=5.2.3 - go native
-                    return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+                    return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
                            var_export($double_encode, true) . ')';
                 } elseif ($double_encode) {
                     // php <5.2.3 - only handle double encoding
-                    return 'htmlentities(' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
+                    return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
                 } else {
                     // fall back to modifier.escape.php
                 }
             // no break
             case 'url':
-                return 'rawurlencode(' . $params[ 0 ] . ')';
+                return 'rawurlencode((string)' . $params[ 0 ] . ')';
             case 'urlpathinfo':
-                return 'str_replace("%2F", "/", rawurlencode(' . $params[ 0 ] . '))';
+                return 'str_replace("%2F", "/", rawurlencode((string)' . $params[ 0 ] . '))';
             case 'quotes':
                 // escape unescaped single quotes
-                return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'",' . $params[ 0 ] . ')';
+                return 'preg_replace("%(?<!\\\\\\\\)\'%", "\\\'", (string)' . $params[ 0 ] . ')';
             case 'javascript':
                 // escape quotes and backslashes, newlines, etc.
                 // see https://html.spec.whatwg.org/multipage/scripting.html#restrictions-for-contents-of-script-elements
-                return 'strtr(' .
+                return 'strtr((string)' .
                        $params[ 0 ] .
                        ', array("\\\\" => "\\\\\\\\", "\'" => "\\\\\'", "\"" => "\\\\\"", "\\r" => "\\\\r", "\\n" => "\\\n", "</" => "<\/", "<!--" => "<\!--", "<s" => "<\s", "<S" => "<\S" ))';
         }
author	Libor M <liborm85@gmail.com>	2022-02-08 13:30:19 +0100
committer	Libor M <liborm85@gmail.com>	2022-02-08 13:30:19 +0100
commit	a2e1df17688de1f5e6ff4043abd2b1d47ac34734 (patch)
tree	398fa90f053ebe6ca28971cd5fd48e463b5ed7f6 /libs
parent	50c4604857c4dbe073707a85ed021758cd846ff5 (diff)
download	smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.tar.gz smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.tar.bz2 smarty-a2e1df17688de1f5e6ff4043abd2b1d47ac34734.zip