The parser, as far as functions are concerned, is applying a blacklist filter to the whole function: the name, the content, ... So some functions that can use words that are listed in the blacklist throw an exception.
For example, the function gettext is used to do i18n of the content and may use words like system, unlink, ... and will throw the pertinent exception.
The method must filter the function name and not its content, I think.
Another problem may be the callback functions, but adding these to the blacklist should be OK to prevent any damage.
So I suggest changing the line in the compileTemplate method, in the parser class, that refers to the function parser, from:
$this->blackList($parsedFunction);
to
$this->blackList($function);
Please tell me if I'm wrong. Thanks!!! :)
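The false positive described in the post, as an added stand-alone example (not code from the post or from the template engine): a substring blacklist over the whole call text is compared with a check on the names that are actually called. It goes slightly beyond the suggestion above by checking every called name, not only the outer one. `BLACKLIST`, `allowedByWholeString`, `calledNames`, `allowedByNames` and the sample calls are hypothetical names and constructed inputs.

```php
<?php
// Added illustration; BLACKLIST contents and the sample calls are constructed.
const BLACKLIST = ['system', 'unlink', 'exec', 'eval'];

// Substring match over the whole call text, arguments included.
function allowedByWholeString(string $call): bool
{
    foreach (BLACKLIST as $word) {
        if (stripos($call, $word) !== false) {
            return false;
        }
    }
    return true;
}

// Names of everything that is actually called in $call. String literals are
// single tokens starting with a quote, so their contents are never returned.
function calledNames(string $call): array
{
    $tokens = token_get_all('<?php ' . $call . ';');
    $names = [];
    foreach ($tokens as $i => $token) {
        if (!is_array($token) || !preg_match('/^[A-Za-z_\\\\][\w\\\\]*$/', $token[1])) {
            continue;
        }
        // Skip whitespace, then require "(" for this identifier to be a call.
        $j = $i + 1;
        while (isset($tokens[$j]) && is_array($tokens[$j]) && $tokens[$j][0] === T_WHITESPACE) {
            $j++;
        }
        if (($tokens[$j] ?? null) === '(') {
            $parts = explode('\\', $token[1]); // drop any namespace prefix
            $names[] = strtolower(end($parts));
        }
    }
    return $names;
}

function allowedByNames(string $call): bool
{
    return array_intersect(calledNames($call), BLACKLIST) === [];
}

$samples = [
    'gettext("Remove the file from the system")', // constructed: blacklisted word only in text
    'gettext(unlink($path))',                     // constructed: blacklisted name is called
];
foreach ($samples as $call) {
    printf("%-45s whole-string=%s names=%s\n", $call,
        allowedByWholeString($call) ? 'allow' : 'reject',
        allowedByNames($call) ? 'allow' : 'reject');
}
```

Function names passed as string arguments are not seen by the name check, so the callback case mentioned in the post still needs its own blacklist entries.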