diff --git a/library/think/Template.php b/library/think/Template.php index c8969e21..e7693330 100644 --- a/library/think/Template.php +++ b/library/think/Template.php @@ -936,12 +936,13 @@ class Template $args = explode('=', $varArray[$i], 2); // 模板函数过滤 $fun = trim($args[0]); - switch ($fun) { + if (in_array($fun, $template_deny_funs)) { + continue; + } + + switch (strtolower($fun)) { case 'raw': break; - case 'htmlentities': - $name = 'htmlentities((string) ' . $name . ')'; - break; case 'default': // 特殊模板函数 if (false === strpos($name, '(')) { $name = '(isset(' . $name . ') && (' . $name . ' !== \'\')?' . $name . ':' . $args[1] . ')'; @@ -950,26 +951,25 @@ class Template } break; default: // 通用模板函数 - if (!in_array($fun, $template_deny_funs)) { - if (isset($args[1])) { - if (strstr($args[1], '###')) { - $args[1] = str_replace('###', $name, $args[1]); - $name = "$fun($args[1])"; - } else { - $name = "$fun($name ?? '',$args[1])"; - } + if (isset($args[1])) { + if (strstr($args[1], '###')) { + $args[1] = str_replace('###', $name, $args[1]); + $name = "$fun($args[1])"; } else { - if (!empty($args[0])) { - $name = "$fun($name ?? '')"; - } + $name = "$fun($name,$args[1])"; + } + } else { + if (!empty($args[0])) { + $name = "$fun($name)"; } } } } + $_varFunctionList[$_key] = $name; $varStr = $name; } - return; + return $varStr; } /**