@@ -224,10 +224,11 @@ private function lexValue()
224224 throw $ this createFormatException ('Missing quote to end the value ' );
225225 }
226226 ++$ this cursor ;
227- $ valuestr_replace (array ('\\\\' , '\\ " ''\r ' , '\n ' ), array ('\\' , '" ' , "\r" , "\n" ), $ value
227+ $ valuestr_replace (array ('\\" ' , '\r ' , '\n ' ), array ('" ' , "\r" , "\n" ), $ value
228228 $ resolvedValue$ value
229229 $ resolvedValue$ this resolveVariables ($ resolvedValue
230230 $ resolvedValue$ this resolveCommands ($ resolvedValue
231+ $ resolvedValuestr_replace ('\\\\' , '\\' , $ resolvedValue
231232 $ v$ resolvedValue
232233 } else {
233234 $ value'' ;
@@ -250,6 +251,7 @@ private function lexValue()
250251 $ resolvedValue$ value
251252 $ resolvedValue$ this resolveVariables ($ resolvedValue
252253 $ resolvedValue$ this resolveCommands ($ resolvedValue
254+ $ resolvedValuestr_replace ('\\\\' , '\\' , $ resolvedValue
253255
254256 if ($ resolvedValue$ valuepreg_match ('/\s+/ ' , $ value
255257 throw $ this createFormatException ('A value containing spaces must be surrounded by quotes ' );
@@ -350,24 +352,31 @@ private function resolveVariables($value)
350352 }
351353
352354 $ regex'/
353- ( \\\\)? # escaped with a backslash?
355+ (?<! \\\\)
356+ (?P<backslashes> \\\\*) # escaped with a backslash?
354357 \$
355- (?!\() # no opening parenthesis
356- (\{)? # optional brace
357- ( 'self ::VARNAME_REGEX .') # var name
358- (\})? # optional closing brace
358+ (?!\() # no opening parenthesis
359+ (?P<opening_brace> \{)? # optional brace
360+ (?P<name> 'self ::VARNAME_REGEX .')? # var name
361+ (?P<closing_brace> \})? # optional closing brace
359362 /x '
360363
361364 $ valuepreg_replace_callback ($ regexfunction ($ matches
362- if ('\\' === $ matches1 ]) {
365+ // odd number of backslashes means the $ character is escaped
366+ if (1 === \strlen ($ matches'backslashes ' ]) % 2 ) {
363367 return substr ($ matches0 ], 1 );
364368 }
365369
366- if ('{ ' === $ matches2 ] && !isset ($ matches4 ])) {
370+ // unescaped $ not followed by variable name
371+ if (!isset ($ matches'name ' ])) {
372+ return $ matches0 ];
373+ }
374+
375+ if ('{ ' === $ matches'opening_brace ' ] && !isset ($ matches'closing_brace ' ])) {
367376 throw $ this createFormatException ('Unclosed braces on variable expansion ' );
368377 }
369378
370- $ name$ matches3 ];
379+ $ name$ matches' name '
371380 if (isset ($ this values [$ name
372381 $ value$ this values [$ name
373382 } elseif (isset ($ _SERVER $ name0 !== strpos ($ name'HTTP_ ' )) {
@@ -378,15 +387,14 @@ private function resolveVariables($value)
378387 $ valuestring ) getenv ($ name
379388 }
380389
381- if (!$ matches2 ] && isset ($ matches4 ])) {
390+ if (!$ matches' opening_brace ' isset ($ matches' closing_brace '
382391 $ value'} ' ;
383392 }
384393
385- return $ value
394+ return $ matches [ ' backslashes ' ]. $ value
386395 }, $ value
387396
388- // unescape
8000
$
389- return str_replace ('\\$ ' , '$ ' , $ value
397+ return $ value
390398 }
391399
392400 private function moveCursor ($ text
0 commit comments