smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-02 09:24:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Change file permissions for directories and respect umask for written files.

Browse Source 
Fixes #548
Fixes #819
This commit is contained in:
Simon Wisselink
2022-11-22 22:25:26 +01:00
parent 613c5d691c
commit 69c4e07940
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Include docs and demo in the releases [#799](https://github.com/smarty-php/smarty/issues/799) - Include docs and demo in the releases [#799](https://github.com/smarty-php/smarty/issues/799)
- Using PHP functions as modifiers now triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813) - Using PHP functions as modifiers now triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813)
- Dropped remaining references to removed PHP-support in Smarty 4 from docs, lexer and security class. [#816](https://github.com/smarty-php/smarty/issues/816) - Dropped remaining references to removed PHP-support in Smarty 4 from docs, lexer and security class. [#816](https://github.com/smarty-php/smarty/issues/816)
- Support umask when writing (template) files and set dir permissions to 777 [#548](https://github.com/smarty-php/smarty/issues/548) [#819](https://github.com/smarty-php/smarty/issues/819)
### Fixed ### Fixed
- Output buffer is now cleaned for internal PHP errors as well, not just for Exceptions [#514](https://github.com/smarty-php/smarty/issues/514) - Output buffer is now cleaned for internal PHP errors as well, not just for Exceptions [#514](https://github.com/smarty-php/smarty/issues/514)
@@ -24,6 +25,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Adapt Smarty upper/lower functions to be codesafe (e.g. for Turkish locale) [#586](https://github.com/smarty-php/smarty/pull/586) - Adapt Smarty upper/lower functions to be codesafe (e.g. for Turkish locale) [#586](https://github.com/smarty-php/smarty/pull/586)
- Bug fix for underscore and limited length in template name in custom resources [#581](https://github.com/smarty-php/smarty/pull/581) - Bug fix for underscore and limited length in template name in custom resources [#581](https://github.com/smarty-php/smarty/pull/581)
## [4.2.1] - 2022-09-14 ## [4.2.1] - 2022-09-14
### Security ### Security

6
libs/sysplugins/smarty_internal_runtime_writefile.php
View File

@@ -29,7 +29,6 @@ class Smarty_Internal_Runtime_WriteFile
{ {
$_error_reporting = error_reporting(); $_error_reporting = error_reporting();
error_reporting($_error_reporting & ~E_NOTICE & ~E_WARNING); error_reporting($_error_reporting & ~E_NOTICE & ~E_WARNING);
$old_umask = umask(0);
$_dirpath = dirname($_filepath); $_dirpath = dirname($_filepath);
// if subdirs, create dir structure // if subdirs, create dir structure
if ($_dirpath !== '.') { if ($_dirpath !== '.') {
@@ -37,7 +36,7 @@ class Smarty_Internal_Runtime_WriteFile
// loop if concurrency problem occurs // loop if concurrency problem occurs
// see https://bugs.php.net/bug.php?id=35326 // see https://bugs.php.net/bug.php?id=35326
while (!is_dir($_dirpath)) { while (!is_dir($_dirpath)) {
if (@mkdir($_dirpath, 0771, true)) { if (@mkdir($_dirpath, 0777, true)) {
break; break;
} }
clearstatcache(); clearstatcache();
@@ -85,8 +84,7 @@ class Smarty_Internal_Runtime_WriteFile
throw new SmartyException("unable to write file {$_filepath}"); throw new SmartyException("unable to write file {$_filepath}");
} }
// set file permissions // set file permissions
chmod($_filepath, 0644); @chmod($_filepath, 0666 & ~umask());
umask($old_umask);
error_reporting($_error_reporting); error_reporting($_error_reporting);
return true; return true;
} }