Mercurial > hg > isophonics-drupal-site
view core/lib/Drupal/Core/Logger/LogMessageParser.php @ 13:5fb285c0d0e3
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've
been lucky to get away with this so far, as we don't support self-registration
which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5
was vulnerable to.
| author | Chris Cannam |
|---|---|
| date | Mon, 23 Apr 2018 09:33:26 +0100 |
| parents | 4c8ae668cc8c |
| children | 129ea1e6d783 |
line wrap: on
line source
<?php namespace Drupal\Core\Logger; /** * Parses log messages and their placeholders. */ class LogMessageParser implements LogMessageParserInterface { /** * {@inheritdoc} */ public function parseMessagePlaceholders(&$message, array &$context) { $variables = []; $has_psr3 = FALSE; if (($start = strpos($message, '{')) !== FALSE && strpos($message, '}') > $start) { $has_psr3 = TRUE; // Transform PSR3 style messages containing placeholders to // \Drupal\Component\Utility\SafeMarkup::format() style. $message = preg_replace('/\{(.*)\}/U', '@$1', $message); } foreach ($context as $key => $variable) { // PSR3 style placeholders. if ($has_psr3) { // Keys are not prefixed with anything according to PSR3 specs. // If the message is "User {username} created" the variable key will be // just "username". if (strpos($message, '@' . $key) !== FALSE) { $key = '@' . $key; } } if (!empty($key) && ($key[0] === '@' || $key[0] === '%' || $key[0] === '!')) { // The key is now in \Drupal\Component\Utility\SafeMarkup::format() style. $variables[$key] = $variable; } } return $variables; } }