BUGFIX Sanitise keys and tags before using them with Zend_Cache.

silverstripe · Dec 22, 2011 · f751648 · f751648
1 parent 27a51ed
commit f751648
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/model/Aggregate.php b/model/Aggregate.php
@@ -48,9 +48,12 @@ public static function flushCache($class=null) {
 
 		if (!$class || $class == 'DataObject') {
 			$cache->clean(Zend_Cache::CLEANING_MODE_MATCHING_TAG, array('aggregate'));
-		}	
-		else {
-			$cache->clean(Zend_Cache::CLEANING_MODE_MATCHING_ANY_TAG, ClassInfo::ancestry($class));
+		} else {
+			$tags = ClassInfo::ancestry($class);
+			foreach($tags as &$tag) {
+				$tag = preg_replace('/[^a-zA-Z0-9_]/', '_', $tag);
+			}
+			$cache->clean(Zend_Cache::CLEANING_MODE_MATCHING_ANY_TAG, $tags);
 		}
 	}
 
@@ -108,7 +111,7 @@ public function XML_val($name, $args) {
 
 		if (!($result = $cache->load($cachekey))) {
 			$result = (string)$query->execute()->value(); if (!$result) $result = '0';
-			$cache->save($result, null, array('aggregate', $this->type));
+			$cache->save($result, null, array('aggregate', preg_replace('/[^a-zA-Z0-9_]/', '_', $this->type)));
 		}
 
 		return $result;

diff --git a/view/SSTemplateParser.php.inc b/view/SSTemplateParser.php.inc
@@ -490,6 +490,7 @@ class SSTemplateParser extends Parser {
 		$block = ++$res['subblocks'];
 		// Build the key for this block from the passed cache key, the block index, and the sha hash of the template itself
 		$key = "'" . sha1($sub['php']) . (isset($res['key']) && $res['key'] ? "_'.sha1(".$res['key'].")" : "'") . ".'_$block'";
+		$key = preg_replace('/[^a-zA-Z0-9_]/', '_', $key);
 		// Get any condition
 		$condition = isset($res['condition']) ? $res['condition'] : '';