fixed problem with using assigned var with include_php filepath

2025-08-04 10:24:26 +02:00 · 2001-12-28 16:53:33 +00:00
parent 1d37ff42c2
commit 0ac9492a7b
5 changed files with 14 additions and 12 deletions
--- a/2
+++ b/2
@@ -1,3 +1,5 @@
+    - fixed problem with using assigned vars with {include_php ...} filepath
+      (Monte)
 Version 1.5.2
 -------------
    - added Smarty object as fifth argument for template resource functions
--- a/Smarty.class.php
+++ b/Smarty.class.php
@@ -1120,10 +1120,10 @@ function _is_trusted($resource_type, $resource_name)
                $this->_parse_file_path($this->trusted_dir, $this->_dequote($args['script']), $resource_type, $resource_name);
                if ($this->security) {
                    if( $resource_type != 'file' || !@is_file($resource_name)) {
-                        $this->_syntax_error("include_php: $resource_type: $resource_name is not readable");                return false;
+                        $this->_syntax_error("insert: $resource_type: $resource_name is not readable");                return false;
                    }
                    if (!$this->_is_trusted($resource_type, $resource_name)) {
-                        $this->_syntax_error("include_php: $resource_type: $resource_name is not trusted");
+                        $this->_syntax_error("insert: $resource_type: $resource_name is not trusted");
                        return false;
                    }
                }
@@ -1166,10 +1166,10 @@ function _run_insert_handler($args)
            $this->_parse_file_path($this->trusted_dir, $this->_dequote($args['script']), $resource_type, $resource_name);
            if ($this->security) {
                if( $resource_type != 'file' || !@is_file($resource_name)) {
-                    $this->_syntax_error("include_php: $resource_type: $resource_name is not readable");                return false;
+                    $this->_syntax_error("insert: $resource_type: $resource_name is not readable");                return false;
                }
                if (!$this->_is_trusted($resource_type, $resource_name)) {
-                    $this->_syntax_error("include_php: $resource_type: $resource_name is not trusted");
+                    $this->_syntax_error("insert: $resource_type: $resource_name is not trusted");
                    return false;
                }
            }
--- a/Smarty_Compiler.class.php
+++ b/Smarty_Compiler.class.php
@@ -489,10 +489,10 @@ class Smarty_Compiler extends Smarty {
 		
        if (!empty($attrs['assign'])) {
 			$output = "<?php ob_start();\n";
-			$output .= "include('" . $resource_name . "');\n";
+			$output .= 'include("' . $resource_name . '");'."\n";
 			$output .= "\$this->assign(" . $this->_dequote($attrs['assign']).", ob_get_contents()); ob_end_clean();\n?>";
 		} else {
-        	$output =  "<?php include('" . $resource_name . "'); ?>";
+        	$output =  '<?php include("' . $resource_name . '"); ?>';
 		}

 		return $output;
--- a/libs/Smarty.class.php
+++ b/libs/Smarty.class.php
@@ -1120,10 +1120,10 @@ function _is_trusted($resource_type, $resource_name)
                $this->_parse_file_path($this->trusted_dir, $this->_dequote($args['script']), $resource_type, $resource_name);
                if ($this->security) {
                    if( $resource_type != 'file' || !@is_file($resource_name)) {
-                        $this->_syntax_error("include_php: $resource_type: $resource_name is not readable");                return false;
+                        $this->_syntax_error("insert: $resource_type: $resource_name is not readable");                return false;
                    }
                    if (!$this->_is_trusted($resource_type, $resource_name)) {
-                        $this->_syntax_error("include_php: $resource_type: $resource_name is not trusted");
+                        $this->_syntax_error("insert: $resource_type: $resource_name is not trusted");
                        return false;
                    }
                }
@@ -1166,10 +1166,10 @@ function _run_insert_handler($args)
            $this->_parse_file_path($this->trusted_dir, $this->_dequote($args['script']), $resource_type, $resource_name);
            if ($this->security) {
                if( $resource_type != 'file' || !@is_file($resource_name)) {
-                    $this->_syntax_error("include_php: $resource_type: $resource_name is not readable");                return false;
+                    $this->_syntax_error("insert: $resource_type: $resource_name is not readable");                return false;
                }
                if (!$this->_is_trusted($resource_type, $resource_name)) {
-                    $this->_syntax_error("include_php: $resource_type: $resource_name is not trusted");
+                    $this->_syntax_error("insert: $resource_type: $resource_name is not trusted");
                    return false;
                }
            }
--- a/libs/Smarty_Compiler.class.php
+++ b/libs/Smarty_Compiler.class.php
@@ -489,10 +489,10 @@ class Smarty_Compiler extends Smarty {
 		
        if (!empty($attrs['assign'])) {
 			$output = "<?php ob_start();\n";
-			$output .= "include('" . $resource_name . "');\n";
+			$output .= 'include("' . $resource_name . '");'."\n";
 			$output .= "\$this->assign(" . $this->_dequote($attrs['assign']).", ob_get_contents()); ob_end_clean();\n?>";
 		} else {
-        	$output =  "<?php include('" . $resource_name . "'); ?>";
+        	$output =  '<?php include("' . $resource_name . '"); ?>';
 		}

 		return $output;