* 1.8.3 (2012-XX-XX)
+ * fixed escaping when a project defines a function named html or js
* fixed chmod mode to apply the umask correctly
* 1.8.2 (2012-05-30)
for all templates (default to ``true``). As of Twig 1.8, you can set the
escaping strategy to use (``html``, ``js``, ``false`` to disable, or a PHP
callback that takes the template "filename" and must return the escaping
- strategy to use).
+ strategy to use -- the callback cannot be a function name to avoid collision
+ with built-in escaping strategies).
* ``optimizations``: A flag that indicates which optimizations to apply
(default to ``-1`` -- all optimizations are enabled; set it to ``0`` to
*/
public function getDefaultStrategy($filename)
{
- if (is_callable($this->defaultStrategy)) {
+ // disable string callables to avoid calling a function named html or js,
+ // or any other upcoming escaping strategy
+ if (!is_string($this->defaultStrategy) && is_callable($this->defaultStrategy)) {
return call_user_func($this->defaultStrategy, $filename);
}
* file that was distributed with this source code.
*/
+// This function is defined to check that escaping strategies
+// like html works even if a function with the same name is defined.
+function html()
+{
+ return 'foo';
+}
+
class Twig_Tests_IntegrationTest extends PHPUnit_Framework_TestCase
{
public function getTests()