X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FUtils%2FString.php;h=5ee79d831c24d622da13a9e617cd63a1d92216a6;hb=6618a018a85af6394e1c1e5319ee70f86f43133a;hp=3400263aa06bd4afa9cdc3b3489befe5df813fea;hpb=bee2b57c18351befe5b35b4f54e93766f690bd59;p=civicrm-core.git

diff --git a/CRM/Utils/String.php b/CRM/Utils/String.php
index 3400263aa0..5ee79d831c 100644
--- a/CRM/Utils/String.php
+++ b/CRM/Utils/String.php
@@ -690,10 +690,10 @@ class CRM_Utils_String {
    * "admin foo" => array(NULL,"admin foo")
    * "cms:admin foo" => array("cms", "admin foo")
    *
-   * @param $delim
+   * @param string $delim
    * @param string $string
    *   E.g. "view all contacts". Syntax: "[prefix:]name".
-   * @param null $defaultPrefix
+   * @param string|null $defaultPrefix
    *
    * @return array
    *   (0 => string|NULL $prefix, 1 => string $value)
@@ -951,7 +951,7 @@ class CRM_Utils_String {
    * safe, standard data interchange formats such as JSON rather than PHP's
    * serialization format when dealing with user input.
    *
-   * @param string|NULL $string
+   * @param string|null $string
    *
    * @return mixed
    */
@@ -1038,7 +1038,9 @@ class CRM_Utils_String {
     $cachingValue = $smarty->caching;
     $smarty->caching = 0;
     $smarty->assign('smartySingleUseString', $templateString);
-    $templateString = $smarty->fetch('string:{eval var=$smartySingleUseString}');
+    // Do not escape the smartySingleUseString as that is our smarty template
+    // and is likely to contain html.
+    $templateString = (string) $smarty->fetch('string:{eval var=$smartySingleUseString|smarty:nodefaults}');
     $smarty->caching = $cachingValue;
     $smarty->assign('smartySingleUseString', NULL);
     return $templateString;