projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0f5aa61)
Fix formatting in WCF.Template and use a function instead of eval
authorTim Düsterhus <duesterhus@woltlab.com>
Mon, 15 Apr 2013 13:45:27 +0000 (15:45 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Mon, 15 Apr 2013 13:45:27 +0000 (15:45 +0200)
wcfsetup/install/files/js/WCF.js patch | blob | blame | history

diff --git a/wcfsetup/install/files/js/WCF.js b/wcfsetup/install/files/js/WCF.js
index cf2c759677ebb773f415156957189f17a691eb10..8a55c08dd4e7622a3bb7ad09c82b4913e3480605 100755 (executable)
--- a/wcfsetup/install/files/js/WCF.js
+++ b/wcfsetup/install/files/js/WCF.js
@@ -3245,15 +3245,15 @@ WCF.Template = Class.extend({
                this._template = this._template.replace(/\{\$(.+?)\}/g, function (_, name) {
                        self._neededVars.push(name);
                        
-                       return "' + WCF.String.escapeHTML(v."+ name + ") + '";
+                       return "' + WCF.String.escapeHTML(v." + name + ") + '";
                }).replace(/\{#\$(.+?)\}/g, function (_, name) {
                        self._neededVars.push(name);
                        
-                       return "' + WCF.String.formatNumeric(v."+ name + ") + '";
+                       return "' + WCF.String.formatNumeric(v." + name + ") + '";
                }).replace(/\{@\$(.+?)\}/g, function (_, name) {
                        self._neededVars.push(name);
                        
-                       return "' + (v."+ name + ") + '";
+                       return "' + (v." + name + ") + '";
                }).replace(/{if (.+?)}/g, function (_, content) {
                        content = content.replace(/\$([^\s]+)/g, function (_, name) {
                                self._neededVars.push(name);
@@ -3279,6 +3279,8 @@ WCF.Template = Class.extend({
                this._template = this._template.replace(/(\r\n|\n|\r)/g, '\\n');
                
                this._template = "$output += '" + this.insertLiterals(this._template) + "';";
+               
+               this._template = new Function("v", "var $output = ''; " + this._template + ' return $output;');
        },
        
        /**
@@ -3295,11 +3297,7 @@ WCF.Template = Class.extend({
                        }
                }
                
-               var $output = '';
-               
-               eval(this._template);
-               
-               return $output;
+               return this._template(v);
        },
        
        /**
WoltLab Suite Core (previously WoltLab Community Framework)