diff --git a/ChangeLog b/ChangeLog index a864d097..a019e935 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2016-09-11 Uwe Tews + * {math} fix parameter checking order to avoid misleading message + * {math} replace wrong versiom + 2016-07-19 Uwe Tews * {math} shell injection vulnerability patch provided by Tim Weber @@ -783,7 +787,7 @@ docs/fr/programmers/plugins/plugins-inserts.xml: sync with EN -2006-10-14 Fernando Correa da Conceição +2006-10-14 Fernando Correa da Concei��o * docs/pt_BR/programmers/api-variables/variable-error-reporting.xml: New Translation @@ -4324,7 +4328,7 @@ fixed bug in _run_mod_handler * libs/Smarty_Compiler.class.php: - fixed bug with autoload-handling of modifiers. thanks ándre. + fixed bug with autoload-handling of modifiers. thanks �ndre. 2003-08-05 Messju Mohr diff --git a/libs/plugins/function.math.php b/libs/plugins/function.math.php index 655fe728..d0ce1e67 100644 --- a/libs/plugins/function.math.php +++ b/libs/plugins/function.math.php @@ -18,11 +18,11 @@ * @author Monte Ohrt * * @param array $params parameters - * @param Smarty_Internal_Template $template template object + * @param Smarty * * @return string|null */ -function smarty_function_math($params, $template) +function smarty_function_math($params, &$smarty) { static $_allowed_funcs = array('int' => true, 'abs' => true, 'ceil' => true, 'cos' => true, 'exp' => true, 'floor' => true, 
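Review bot: The rewritten docblock tag `* @param Smarty` in the `function.math.php` hunk no longer names the parameter or says what it is, so it does not line up with `&$smarty` in the new signature. `* @param Smarty $smarty Smarty object the result is assigned to` would keep the tag usable for readers and static tooling. On PHP 5 or later the `&` is not needed for the later `$smarty->assign()` calls to take effect, so if it is kept only to match this branch's plugin calling convention, a one-line comment saying so would help. The function body continues past the end of this hunk.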
@@ -58,12 +58,28 @@ function smarty_function_math($params, $template) return; } + foreach ($params as $key => $val) { + if ($key != "equation" && $key != "format" && $key != "assign") { + // make sure value is not empty + if (strlen($val) == 0) { + trigger_error("math: parameter '{$key}' is empty", E_USER_WARNING); + + return; + } + if (!is_numeric($val)) { + trigger_error("math: parameter '{$key}' is not numeric", E_USER_WARNING); + + return; + } + } + } + // match all vars in equation, make sure all are passed preg_match_all('!(?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)!', $equation, $match); foreach ($match[ 1 ] as $curr_var) { if ($curr_var && !isset($params[ $curr_var ]) && !isset($_allowed_funcs[ $curr_var ])) { - trigger_error("math: function call $curr_var not allowed", E_USER_WARNING); + trigger_error("math: function call '{$curr_var}' not allowed, or missing parameter '{$curr_var}'", E_USER_WARNING); return; } @@ -71,17 +87,6 @@ function smarty_function_math($params, $template) foreach ($params as $key => $val) { if ($key != "equation" && $key != "format" && $key != "assign") { - // make sure value is not empty - if (strlen($val) == 0) { - trigger_error("math: parameter $key is empty", E_USER_WARNING); - - return; - } - if (!is_numeric($val)) { - trigger_error("math: parameter $key: is not numeric", E_USER_WARNING); - - return; - } $equation = preg_replace("/\b$key\b/", " \$params['$key'] ", $equation); } } 
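Review bot: The relocated checks call `strlen($val)` and `is_numeric($val)` on every parameter other than `equation`, `format` and `assign` without first confirming that the value is a scalar. An array or object handed in from the template therefore produces an engine warning (a TypeError on PHP 8) rather than the plugin's own `math: parameter '...' is not numeric` message. Because this loop now runs before the equation is scanned, a guard ahead of the `strlen` test would keep the rejection explicit: `if (!is_scalar($val)) { trigger_error("math: parameter '{$key}' is not numeric", E_USER_WARNING); return; }`. The function starts before and continues after this hunk.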
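Review bot: In the `@@ -71,17 +87,6 @@` hunk the second loop over `$params` has no checks left, yet it still places `$key` unquoted into the pattern `"/\b$key\b/"` and into the replacement text `" \$params['$key'] "`. Nothing visible validates the parameter name, so a name containing regex metacharacters or a quote would change the pattern or the rewritten equation. How `$equation` is consumed lies outside this hunk, but the replacement text suggests it is later treated as PHP code. Restricting names in the validation loop this commit moves ahead of the equation scan would close that gap, reusing the identifier pattern already passed to `preg_match_all`: `if (!preg_match('/^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*$/', $key)) { trigger_error("math: invalid parameter name", E_USER_WARNING); return; }`.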
@@ -92,13 +97,13 @@ function smarty_function_math($params, $template)
 if (empty($params[ 'assign' ])) {
 return $smarty_math_result;
 } else {
- $template->assign($params[ 'assign' ], $smarty_math_result);
+ $smarty->assign($params[ 'assign' ], $smarty_math_result);
 }
 } else {
 if (empty($params[ 'assign' ])) {
 printf($params[ 'format' ], $smarty_math_result);
 } else {
- $template->assign($params[ 'assign' ], sprintf($params[ 'format' ], $smarty_math_result));
+ $smarty->assign($params[ 'assign' ], sprintf($params[ 'format' ], $smarty_math_result));
 }
 }
 }