* "admin foo" => array(NULL,"admin foo")
* "cms:admin foo" => array("cms", "admin foo")
*
- * @param $delim
+ * @param string $delim
* @param string $string
* E.g. "view all contacts". Syntax: "[prefix:]name".
- * @param null $defaultPrefix
+ * @param string|null $defaultPrefix
*
* @return array
* (0 => string|NULL $prefix, 1 => string $value)
* safe, standard data interchange formats such as JSON rather than PHP's
* serialization format when dealing with user input.
*
- * @param string|NULL $string
+ * @param string|null $string
*
* @return mixed
*/
$cachingValue = $smarty->caching;
$smarty->caching = 0;
$smarty->assign('smartySingleUseString', $templateString);
- $templateString = $smarty->fetch('string:{eval var=$smartySingleUseString}');
+ // Do not escape the smartySingleUseString as that is our smarty template
+ // and is likely to contain html.
+ $templateString = (string) $smarty->fetch('string:{eval var=$smartySingleUseString|smarty:nodefaults}');
$smarty->caching = $cachingValue;
$smarty->assign('smartySingleUseString', NULL);
return $templateString;