From 2213c6f28c1ef8cd871286583e9823b4235fdd38 Mon Sep 17 00:00:00 2001
From: Samuel Georges
Date: Sat, 2 Jan 2016 16:13:30 +1100
Subject: [PATCH] Fix string comparison function Flush stray output on view errors
---
 modules/backend/classes/Controller.php | 3 +-
 modules/system/traits/ViewMaker.php | 40 +++++++++++++++++++++++++-
 2 files changed, 41 insertions(+), 2 deletions(-)
diff --git a/modules/backend/classes/Controller.php b/modules/backend/classes/Controller.php
index 81c57c859..85483904d 100644
--- a/modules/backend/classes/Controller.php
+++ b/modules/backend/classes/Controller.php
@@ -2,6 +2,7 @@
 use App;
 use Log;
+use Str;
 use Lang;
 use View;
 use Flash;
@@ -677,7 +678,7 @@ class Controller extends Extendable
 $token = Request::input('_token') ?: Request::header('X-CSRF-TOKEN');
- return \Symfony\Component\Security\Core\Util\StringUtils::equals(
+ return Str::equals(
 Session::getToken(),
 $token
 );
diff --git a/modules/system/traits/ViewMaker.php b/modules/system/traits/ViewMaker.php
index c8df222ae..9ab077a5f 100644
--- a/modules/system/traits/ViewMaker.php
+++ b/modules/system/traits/ViewMaker.php
@@ -5,6 +5,9 @@ use Lang;
 use Event;
 use Block;
 use SystemException;
+use Exception;
+use Throwable;
+use Symfony\Component\Debug\Exception\FatalThrowableError;
 /**
 * View Maker Trait
@@ -91,6 +94,7 @@ trait ViewMaker
 */
 public function makeViewContent($contents, $layout = null)
 {
+ return $contents;
 if ($this->suppressLayout || $this->layout == '') {
 return $contents;
 }
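Review bot: `$token` reaches `Str::equals()` in the second Controller.php hunk without a type or emptiness check: `Request::input('_token') ?: Request::header('X-CSRF-TOKEN')` is null when neither value is sent and may be an array when the field is submitted in array form. How `Str::equals` treats non-string arguments is not visible here; if it delegates to `hash_equals()`, such input produces a warning (a TypeError on PHP 8) instead of a clean rejection, and if it casts to string, an unset session token could compare equal to an empty request token. A guard before the comparison, `if (!is_string($token) || $token === '') { return false; }`, keeps the CSRF check failing closed. The enclosing method starts and ends outside this hunk.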
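Review bot: The added `return $contents;` as the first statement of `makeViewContent()` makes the `suppressLayout`/`layout` check and everything after it unreachable, so callers always get the raw contents and no layout is applied. It is unrelated to either change named in the subject and looks like leftover debugging; the line should be dropped. The rest of the method lies outside this hunk.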
@@ -203,12 +207,46 @@ trait ViewMaker
 $vars = array_merge($this->vars, $extraParams);
+ $obLevel = ob_get_level();
+
 ob_start();
+
 extract($vars);
- include $filePath;
+
+ // We'll evaluate the contents of the view inside a try/catch block so we can
+ // flush out any stray output that might get out before an error occurs or
+ // an exception is thrown. This prevents any partial views from leaking.
+ try {
+ include $filePath;
+ }
+ catch (Exception $e) {
+ $this->handleViewException($e, $obLevel);
+ }
+ catch (Throwable $e) {
+ $this->handleViewException(new FatalThrowableError($e), $obLevel);
+ }
+
 return ob_get_clean();
 }
+ /**
+ * Handle a view exception.
+ *
+ * @param \Exception $e
+ * @param int $obLevel
+ * @return void
+ *
+ * @throws $e
+ */
+ protected function handleViewException($e, $obLevel)
+ {
+ while (ob_get_level() > $obLevel) {
+ ob_end_clean();
+ }
+
+ throw $e;
+ }
+
 /**
 * Guess the package path for the called class.
 * @param string $suffix An extra path to attach to the end
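Review bot: `$obLevel` is assigned before `extract($vars)`, and `extract()` overwrites existing locals by default, so a view variable named `obLevel` replaces the saved buffer level and `handleViewException()` then unwinds the wrong number of buffers. Too few leaves behind the partial output this change is meant to discard; too many closes buffers owned by the caller. The same collision lets a `filePath` key change what `include $filePath` loads, which matters if any entry in `$this->vars` or `$extraParams` can carry request-derived keys (not visible here). `extract($vars, EXTR_SKIP);` protects both locals, and renaming them to something views will not use (for example a `__` prefix) avoids silently skipping a legitimate view variable. The function starts outside this hunk.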