From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Thu, 2 Dec 2010 07:52:42 +0000 (+0100)
Subject: fixed sandbox extension when used with auto output escaping
X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=c7dacdd6a08aa782544b53db966acf93d0215970;p=web%2Fkonrad%2Ftwig.git

fixed sandbox extension when used with auto output escaping
---

diff --git a/lib/Twig/Node/SandboxedPrint.php b/lib/Twig/Node/SandboxedPrint.php
index 877838e..c24cee4 100644
--- a/lib/Twig/Node/SandboxedPrint.php
+++ b/lib/Twig/Node/SandboxedPrint.php
@@ -36,11 +36,10 @@ class Twig_Node_SandboxedPrint extends Twig_Node_Print
     {
         $compiler
             ->addDebugInfo($this)
-            ->write('$_tmp = ')
-            ->subcompile($this->getNode('expr'))
-            ->raw(";\n")
             ->write('if (is_object(')
-            ->raw('$_tmp)) {'."\n")
+            ->raw('$_tmp = ')
+            ->subcompile($this->removeNodeFilter($this->getNode('expr')))
+            ->raw(')) {'."\n")
             ->indent()
             ->write('$this->env->getExtension(\'sandbox\')->checkMethodAllowed(')
             ->raw('$_tmp, \'__toString\');'."\n")
@@ -50,4 +49,20 @@ class Twig_Node_SandboxedPrint extends Twig_Node_Print
 
         parent::compile($compiler);
     }
+
+    /**
+     * Removes node filters.
+     *
+     * This is mostly needed when another visitor adds filters (like the escaper one).
+     *
+     * @param Twig_Node $node A Node
+     */
+    protected function removeNodeFilter($node)
+    {
+        if ($node instanceof Twig_Node_Expression_Filter) {
+            return $this->removeNodeFilter($node->getNode('node'));
+        }
+
+        return $node;
+    }
 }