diff --git a/NEWS b/NEWS
index 1dff7c4e..5aa1c21a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,5 @@
+ - added security features for third party template editing (Monte,Andrei)
+ - added assign custom function, documented (Monte)
- fixed a problem with putting $ followed by numbers inside {strip} and
{/strip} tags. (Andrei)
- fixed Config_File class to allow empty config paths (defaults to current
diff --git a/Smarty.addons.php b/Smarty.addons.php
index 2c4ea3f4..476af527 100644
--- a/Smarty.addons.php
+++ b/Smarty.addons.php
@@ -208,18 +208,15 @@ function smarty_mod_default($string, $default="")
function smarty_func_assign($vars,&$smarty_obj)
{
extract($vars);
- $smarty_obj->assign($var,$val);
- return true;
-}
-
-/*======================================================================*\
- Function: smarty_func_unassign
- Purpose: unassign a template variable
-\*======================================================================*/
-function smarty_func_unassign($vars,&$smarty_obj)
-{
- extract($vars);
- $smarty_obj->clear_assign($var);
+ if(empty($var)) {
+ trigger_error("assign: missing 'var' parameter");
+ return;
+ }
+ if(empty($value)) {
+ trigger_error("assign: missing 'value' parameter");
+ return;
+ }
+ $smarty_obj->assign($var,$value);
return true;
}
diff --git a/Smarty.class.php b/Smarty.class.php
index 9d7bdf36..8ba11946 100644
--- a/Smarty.class.php
+++ b/Smarty.class.php
@@ -121,8 +121,7 @@ class Smarty
'math' => 'smarty_func_math',
'fetch' => 'smarty_func_fetch',
'counter' => 'smarty_func_counter',
- 'assign' => 'smarty_func_assign',
- 'unassign' => 'smarty_func_unassign'
+ 'assign' => 'smarty_func_assign'
);
var $custom_mods = array( 'lower' => 'strtolower',
@@ -245,7 +244,6 @@ class Smarty
unset($this->_tpl_vars[$curr_var]);
else
unset($this->_tpl_vars[$tpl_var]);
- $this->_extract = true;
}
diff --git a/docs.sgml b/docs.sgml
index 7855850a..8c0eb415 100644
--- a/docs.sgml
+++ b/docs.sgml
@@ -2523,9 +2523,65 @@ OUTPUT:
Custom Functions
- Custom functions in Smarty work much the same as the built-in functions
- syntactically.
+ Custom functions in Smarty work much the same as the built-in functions,
+ except that built-in functions cannot be modified. Custom functions are
+ located in Smarty.addons.php, built-in functions are not.
+
+ assign
+
+
+
+
+
+
+
+
+
+ Attribute Name
+ Type
+ Required
+ Default
+ Description
+
+
+
+
+ val
+ string
+ Yes
+ n/a
+ The name of the variable being assigned
+
+
+ value
+ string
+ Yes
+ n/a
+ The value being assigned
+
+
+
+
+
+ assign is used for assigning template variables during the execution
+ of the template. assign was added to Smarty 1.4.3.
+
+
+assign
+
+
+{assign var="name" value="Bob"}
+
+The value of $name is {$name}.
+
+OUTPUT:
+
+The value of $name is Bob.
+
+
+
+ counter
@@ -4176,6 +4232,27 @@ Parse error: parse error in /path/to/smarty/templates_c/index.tpl.php on line 75
{$title|default:" "}
+
+
+
+
+ Default Variable Handling
+
+ If a variable is used frequently throughout your templates, applying
+ the default modifier every time it is mentioned can get a bit ugly. You
+ can remedy this by assigning the variable its default value with the
+ assign function.
+
+
+Assigning a template variable its default value
+
+
+{* do this somewhere at the top of your template *}
+{assign var="title" value=$title|default:"no title"}
+
+{* if $title was empty, it now contains the value "no title" when you print it *}
+{$title}
+
diff --git a/libs/Smarty.class.php b/libs/Smarty.class.php
index 9d7bdf36..8ba11946 100644
--- a/libs/Smarty.class.php
+++ b/libs/Smarty.class.php
@@ -121,8 +121,7 @@ class Smarty
'math' => 'smarty_func_math',
'fetch' => 'smarty_func_fetch',
'counter' => 'smarty_func_counter',
- 'assign' => 'smarty_func_assign',
- 'unassign' => 'smarty_func_unassign'
+ 'assign' => 'smarty_func_assign'
);
var $custom_mods = array( 'lower' => 'strtolower',
@@ -245,7 +244,6 @@ class Smarty
unset($this->_tpl_vars[$curr_var]);
else
unset($this->_tpl_vars[$tpl_var]);
- $this->_extract = true;
}