From 6dc0b9f89aeccc91ff45d9ed1be7829e0e4ff3a6 Mon Sep 17 00:00:00 2001 From: David Grudl Date: Tue, 26 Oct 2021 14:40:27 +0200 Subject: [PATCH] // comment and # comment are forbidden inside tags --- src/Latte/Compiler/PhpWriter.php | 7 +++++-- tests/Latte/Compiler.errors.phpt | 8 ++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/Latte/Compiler/PhpWriter.php b/src/Latte/Compiler/PhpWriter.php index a9b78c2f2..f3c428468 100644 --- a/src/Latte/Compiler/PhpWriter.php +++ b/src/Latte/Compiler/PhpWriter.php @@ -209,8 +209,11 @@ public function validateTokens(MacroTokens $tokens): void $pos = $tokens->position; while ($tokens->nextToken()) { $tokenValue = $tokens->currentValue(); - if ($tokens->isCurrent('?>')) { - throw new CompileException('Forbidden ?> inside tag'); + if ($tokens->isCurrent('?>') || $tokens->isCurrent('#')) { + throw new CompileException("Forbidden $tokenValue inside tag"); + + } elseif ($tokens->isCurrent('/') && $tokens->isNext('/')) { + throw new CompileException('Forbidden // inside tag'); } elseif ($tokens->isCurrent('(', '[', '{')) { static $counterpart = ['(' => ')', '[' => ']', '{' => '}']; diff --git a/tests/Latte/Compiler.errors.phpt b/tests/Latte/Compiler.errors.phpt index 31b2ba228..4e1cc45e1 100644 --- a/tests/Latte/Compiler.errors.phpt +++ b/tests/Latte/Compiler.errors.phpt @@ -124,6 +124,14 @@ Assert::error(function () use ($latte) { $latte->compile('{=`whoami`}'); }, Latte\CompileException::class, 'Backtick operator is forbidden in Latte.'); +Assert::error(function () use ($latte) { + $latte->compile('{=#comment}'); +}, Latte\CompileException::class, 'Forbidden # inside tag'); + +Assert::error(function () use ($latte) { + $latte->compile('{=//comment}'); +}, Latte\CompileException::class, 'Forbidden // inside tag'); + Assert::exception(function () use ($latte) { $latte->compile('{$ʟ_tmp}'); }, Latte\CompileException::class, 'Forbidden variable $ʟ_tmp.');