Joomla! Discussion Forums

I'm finalizing a plugin which needs PHP code to be input as a parameter to it. Obviously PHP code means that it contains all possible kinds of 'dangerous' symbols, like $,&,\n,| and so on.

Apparently the store process behaves perfectly and the code is stored, in an escaped form, with the plugin parameters in the DB. Then, when I load the data, either from inside the plugin code and from the admin interface, something breaks it and I get back just the last line, which is a very useful }.

I've tracked down the problem to JRegistryFormatINI::stringToObject() but there I'm stuck, because I have no idea of why ini.php lines 172 etc. are there. Why check for a '|' and then if $value is already a line of something that has already been exploded that way (line 107), and so should contain no newlines?
Moreover, at that same line $lines seems to be used in a way which may brake the outer foreach loop (line 132). Can anybody help me with this? Thank you

I definitely think it is buggy.

1. You can't save a string with '|'s and '\n's as it will be exploded as an array. In a strange manner though, it trats it something like a bi-dimensional array. It first splits the value by '\n's, then each line by '|'s, and then accumulates everything in a strange way, by the way unescaping those '\n's which can't be there since they were used as a line separator short above.
2. and however, it uses $lines and $line for a foreach loop, which is nested inside another one which uses the same variable names with a different meaning. This is a typical bug.
3. and by the way, even escaping '|' as '\|' is useless because the string matching is done with a simple strpos().

I really think that part should be rewritten: I can take charge, but I need to know what exactly it is supposed to do... It's totally unclear.

I posted a tracker item: http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=9945