From fdec7034aa5939a141e63e07c6926335a0ecabf6 Mon Sep 17 00:00:00 2001 From: Elijah Horton Date: Thu, 24 Jul 2014 08:47:02 -0400 Subject: [PATCH] - Fixed bug with prepare_vars() --- CHANGELOG.md | 3 +++ MANUAL.html | 2 +- src/Error.php | 2 +- src/PHPSandbox.php | 4 ++-- src/SandboxWhitelistVisitor.php | 2 +- src/SandboxedString.php | 2 +- src/ValidatorVisitor.php | 2 +- src/WhitelistVisitor.php | 2 +- 8 files changed, 11 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2cac5c5..37726fe 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ #CHANGELOG +##07/24/2014 +- Fixed bug with prepare_vars() + ##06/19/2014 - Added flags to enable/disable validation checks for every type (for example, this will help in situations where someone wants to enable all functions but not blacklist a fake function name to remove the function whitelist.) Disabling a validation check also ignores any custom validation check for that type! - Fixed issue with toolkit giving incorrect error and exception messages diff --git a/MANUAL.html b/MANUAL.html index a74bd04..85909a3 100644 --- a/MANUAL.html +++ b/MANUAL.html @@ -34,7 +34,7 @@

1 - About PHPSandbox & PHPSandbox Toolkit


- PHPSandbox Toolkit 1.3.7 + PHPSandbox Toolkit 1.3.8


Developed by: Elijah Horton diff --git a/src/Error.php b/src/Error.php index 399de63..84b6847 100644 --- a/src/Error.php +++ b/src/Error.php @@ -11,7 +11,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class Error extends \Exception { /* START ERROR CODES */ diff --git a/src/PHPSandbox.php b/src/PHPSandbox.php index b86f392..a7d3206 100644 --- a/src/PHPSandbox.php +++ b/src/PHPSandbox.php @@ -14,7 +14,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class PHPSandbox implements \IteratorAggregate { /** @@ -6579,7 +6579,7 @@ protected function prepare_vars(){ $output[] = '$' . $name . " = null"; } } else { - $output[] = '$' . $name . " = unserialize('" . addcslashes(serialize($value), "'") . "')"; + $output[] = '$' . $name . " = unserialize('" . addcslashes(serialize($value), "'\\") . "')"; } } return count($output) ? "\r\n" . implode(";\r\n", $output) . ";\r\n" : ''; diff --git a/src/SandboxWhitelistVisitor.php b/src/SandboxWhitelistVisitor.php index 93af748..a412c58 100644 --- a/src/SandboxWhitelistVisitor.php +++ b/src/SandboxWhitelistVisitor.php @@ -13,7 +13,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class SandboxWhitelistVisitor extends \PHPParser_NodeVisitorAbstract { /** The PHPSandbox instance to check against diff --git a/src/SandboxedString.php b/src/SandboxedString.php index 09fe184..46b38ca 100644 --- a/src/SandboxedString.php +++ b/src/SandboxedString.php @@ -11,7 +11,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class SandboxedString implements \ArrayAccess, \IteratorAggregate { /** diff --git a/src/ValidatorVisitor.php b/src/ValidatorVisitor.php index be682f4..911a8db 100644 --- a/src/ValidatorVisitor.php +++ b/src/ValidatorVisitor.php @@ -13,7 +13,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class ValidatorVisitor extends \PHPParser_NodeVisitorAbstract { /** The PHPSandbox instance to check against diff --git a/src/WhitelistVisitor.php b/src/WhitelistVisitor.php index 76beb1a..d24a728 100644 --- a/src/WhitelistVisitor.php +++ b/src/WhitelistVisitor.php @@ -13,7 +13,7 @@ * @namespace PHPSandbox * * @author Elijah Horton - * @version 1.3.7 + * @version 1.3.8 */ class WhitelistVisitor extends \PHPParser_NodeVisitorAbstract { /** The PHPSandbox instance to check against