@@ -, +, @@
------------------------------------------------------------------------
- fix function injection security hole closed (U.Tews)
------------------------------------------------------------------------
------------------------------------------------------------------------
------------------------------------------------------------------------
--- Smarty-2.6.20.orig/libs/Smarty_Compiler.class.php (revision 2781)
+++ Smarty-2.6.20.orig/libs/Smarty_Compiler.class.php (revision 2797)
@@ -1705,6 +1705,8 @@
 }
 // replace double quoted literal string with single quotes
 $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return);
+ // escape dollar sign if not printing a var
+ $_return = preg_replace('~\$(\W)~',"\\\\\$\\1",$_return);
 return $_return;
 }
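Review bot: The added `preg_replace('~\$(\W)~', ...)` looks only at the character after each `$`, never at what precedes it, so a `$` that already carries a backslash in the quoted text receives a second one; PHP then reads the pair as an escaped backslash and the `$` is unescaped again in the generated double-quoted string. Deciding on the parity of the preceding backslash run closes that gap, e.g. `$_return = preg_replace('~(?<!\\\\)((?:\\\\\\\\)*)\$(?=\W)~',"\\1\\\\\$",$_return);`, where the lookahead also leaves the following character unconsumed so that two adjacent `$` are both examined. The enclosing function starts outside the hunk, so whether the earlier expansion step can leave such sequences in `$_return` should be confirmed there. Compiler tests covering escaped and unescaped `$` followed by non-word characters would pin the behaviour.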