smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-05 10:54:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

- bugfix removed security hole when using {$smarty.template}

Browse Source
This commit is contained in:
uwe.tews@googlemail.com
2011-02-09 17:50:05 +00:00
parent 5c8541eae3
commit 0154f17de2
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
change_log.txt
View File

@@ -1,4 +1,7 @@
===== SVN trunk =====
09/02/2011
- bugfix removed security hole when using {$smarty.template}
01/02/2011
- removed assert() from config and template parser

6
libs/sysplugins/smarty_internal_compile_private_special_variable.php
View File

@@ -56,12 +56,10 @@ class Smarty_Internal_Compile_Private_Special_Variable extends Smarty_Internal_C
break;
case 'template':
$_template_name = basename($compiler->template->getTemplateFilepath());
return "'$_template_name'";
return 'basename($_smarty_tpl->getTemplateFilepath())';
case 'current_dir':
$_template_dir_name = dirname($compiler->template->getTemplateFilepath());
return "'$_template_dir_name'";
return 'dirname($_smarty_tpl->getTemplateFilepath())';
case 'version':
$_version = Smarty::SMARTY_VERSION;