FIX Escape dollar signs in UserForm contents before inserting them wi…

…th regex (#723)
silverstripe · Feb 21, 2018 · 0ce8b95 · 0ce8b95
1 parent eed799d
commit 0ce8b95
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/code/model/UserDefinedForm.php b/code/model/UserDefinedForm.php
@@ -5,7 +5,7 @@
  */
 
 class UserDefinedForm extends Page {
-	
+
 	/**
 	 * @var string
 	 */
@@ -370,7 +370,9 @@ public function index() {
 		if($this->Content && $form = $this->Form()) {
 			$hasLocation = stristr($this->Content, '$UserDefinedForm');
 			if($hasLocation) {
-				$content = preg_replace('/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i', $form->forTemplate(), $this->Content);
+				/** @see Requirements_Backend::escapeReplacement */
+				$formEscapedForRegex = addcslashes($form->forTemplate(), '\\$');
+				$content = preg_replace('/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i', $formEscapedForRegex, $this->Content);
 				return array(
 					'Content' => DBField::create_field('HTMLText', $content),
 					'Form' => ""
@@ -688,7 +690,7 @@ public function process($data, $form) {
 			foreach($recipients as $recipient) {
 				$email = new UserFormRecipientEmail($submittedFields);
 				$mergeFields = $this->getMergeFieldsMap($emailData['Fields']);
-	
+
 				if($attachments) {
 					foreach($attachments as $file) {
 						if($file->ID != 0) {
@@ -700,7 +702,7 @@ public function process($data, $form) {
 						}
 					}
 				}
-				
+
 				$parsedBody = SSViewer::execute_string($recipient->getEmailBodyContent(), $mergeFields);
 
 				if (!$recipient->SendPlain && $recipient->emailTemplateExists()) {