| Index: trunk/extensions/LocalisationUpdate/LocalisationUpdate.class.php |
| — | — | @@ -208,8 +208,8 @@ |
| 209 | 209 | } |
| 210 | 210 | |
| 211 | 211 | // Get the array with messages |
| 212 | | - // TODO: Security? |
| 213 | | - eval( $basefilecontents ); |
| | 212 | + $vars = new ConfEditor( $basefilecontents )->getVars(); |
| | 213 | + $base_messages = $vars['base_messages']; |
| 214 | 214 | |
| 215 | 215 | $comparefilecontents = self::getFileContents( $comparefile ); |
| 216 | 216 | if ( $comparefilecontents === false || $comparefilecontents === "" ) return array(); // Failed |
| — | — | @@ -229,8 +229,8 @@ |
| 230 | 230 | } |
| 231 | 231 | } |
| 232 | 232 | // Get the array |
| 233 | | - // TODO: security? |
| 234 | | - eval( $comparefilecontents ); |
| | 233 | + $vars = new ConfEditor( $comparefilecontents )->getVars(); |
| | 234 | + $compare_messages = $vars['compare_messages']; |
| 235 | 235 | |
| 236 | 236 | // if the localfile and the remote file are the same, skip them! |
| 237 | 237 | if ( $basehash == $comparehash && !$alwaysGetResult ) { |
| — | — | @@ -375,8 +375,8 @@ |
| 376 | 376 | } |
| 377 | 377 | |
| 378 | 378 | // And get the real contents |
| 379 | | - // TODO: security? |
| 380 | | - eval( $basefilecontents ); |
| | 379 | + $vars = new ConfEditor( $basefilecontents )->getVars(); |
| | 380 | + $base_messages = $vars['base_messages']; |
| 381 | 381 | |
| 382 | 382 | $comparefilecontents = self::getFileContents( $comparefile ); |
| 383 | 383 | if ( $comparefilecontents === false || $comparefilecontents === "" ) return 0; // Failed |
| — | — | @@ -395,8 +395,8 @@ |
| 396 | 396 | } |
| 397 | 397 | } |
| 398 | 398 | // Get the real array |
| 399 | | - // TODO: security? |
| 400 | | - eval( $comparefilecontents ); |
| | 399 | + $vars = new ConfEditor( $comparefilecontents )->getVars(); |
| | 400 | + $compare_messages = $vars['compare_messages']; |
| 401 | 401 | |
| 402 | 402 | // If both files are the same, they can be skipped |
| 403 | 403 | if ( $basehash == $comparehash && !$alwaysGetResult ) { |