From: Tim Düsterhus <duesterhus@woltlab.com>
Date: Mon, 15 Apr 2013 13:45:27 +0000 (+0200)
Subject: Fix formatting in WCF.Template and use a function instead of eval
X-Git-Tag: 2.0.0_Beta_1~314^2~6
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=5fb36807956baf5f4e928b8ccc7ff6d7e3a0a1da;p=GitHub%2FWoltLab%2FWCF.git

Fix formatting in WCF.Template and use a function instead of eval
---

diff --git a/wcfsetup/install/files/js/WCF.js b/wcfsetup/install/files/js/WCF.js
index cf2c759677..8a55c08dd4 100755
--- a/wcfsetup/install/files/js/WCF.js
+++ b/wcfsetup/install/files/js/WCF.js
@@ -3245,15 +3245,15 @@ WCF.Template = Class.extend({
 		this._template = this._template.replace(/\{\$(.+?)\}/g, function (_, name) {
 			self._neededVars.push(name);
 			
-			return "' + WCF.String.escapeHTML(v."+ name + ") + '";
+			return "' + WCF.String.escapeHTML(v." + name + ") + '";
 		}).replace(/\{#\$(.+?)\}/g, function (_, name) {
 			self._neededVars.push(name);
 			
-			return "' + WCF.String.formatNumeric(v."+ name + ") + '";
+			return "' + WCF.String.formatNumeric(v." + name + ") + '";
 		}).replace(/\{@\$(.+?)\}/g, function (_, name) {
 			self._neededVars.push(name);
 			
-			return "' + (v."+ name + ") + '";
+			return "' + (v." + name + ") + '";
 		}).replace(/{if (.+?)}/g, function (_, content) {
 			content = content.replace(/\$([^\s]+)/g, function (_, name) {
 				self._neededVars.push(name);
@@ -3279,6 +3279,8 @@ WCF.Template = Class.extend({
 		this._template = this._template.replace(/(\r\n|\n|\r)/g, '\\n');
 		
 		this._template = "$output += '" + this.insertLiterals(this._template) + "';";
+		
+		this._template = new Function("v", "var $output = ''; " + this._template + ' return $output;');
 	},
 	
 	/**
@@ -3295,11 +3297,7 @@ WCF.Template = Class.extend({
 			}
 		}
 		
-		var $output = '';
-		
-		eval(this._template);
-		
-		return $output;
+		return this._template(v);
 	},
 	
 	/**