smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-04 10:24:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

check strict syntax of function attributes

Browse Source
This commit is contained in:
mohrt
2003-02-13 15:28:14 +00:00
parent 7aba4537a9
commit 6cb413bbfc
3 changed files with 25 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@@ -1,5 +1,7 @@
- check strict syntax of function attributes (Monte)
- dropped support for modifers on object parameters,
added support for objects as modifier parameters
added support for objects as modifier parameters (Monte)
- fixed bug with decimal numbers in if statements (Monte)
Version 2.4.2 (Feb 11, 2003)
----------------------------

19
Smarty_Compiler.class.php
View File

@@ -162,7 +162,7 @@ class Smarty_Compiler extends Smarty {
$this->_func_regexp = '[a-zA-Z_]\w*';
// matches valid registered object:
// foo.bar
// foo->bar
$this->_reg_obj_regexp = '[a-zA-Z_]\w*->[a-zA-Z_]\w*';
// matches valid parameter values:
@@ -193,7 +193,6 @@ class Smarty_Compiler extends Smarty {
// foo123($foo,$foo->bar(),"foo")
$this->_func_call_regexp = '(?:' . $this->_func_regexp . '\s*(?:'
. $this->_parenth_param_regexp . '))';
}
/**
@@ -1097,7 +1096,7 @@ class Smarty_Compiler extends Smarty {
preg_match_all('/(?>
' . $this->_obj_call_regexp . '(?:' . $this->_mod_regexp . '*) | # valid object call
' . $this->_var_regexp . '(?:' . $this->_mod_regexp . '*) | # var or quoted string
\-?\d+(?:\.\d+)?|!==|<=>|==|!=|<=|>=|\&\&|\|\||\(|\)|,|\!|\^|=|<|>|\||\%|\+|\-|\/|\* | # valid non-word token
\-?\d+(?:\.\d+)?|\.\d+|!==|<=>|==|!=|<=|>=|\&\&|\|\||\(|\)|,|\!|\^|=|\&|\~|<|>|\||\%|\+|\-|\/|\* | # valid non-word token
\b\w+\b | # valid word token
\S+ # anything else
)/x', $tag_args, $match);
@@ -1338,7 +1337,7 @@ class Smarty_Compiler extends Smarty {
$attr_name = $token;
$state = 1;
} else
$this->_syntax_error("invalid attribute name - '$token'", E_USER_ERROR, __FILE__, __LINE__);
$this->_syntax_error("invalid attribute name: '$token'", E_USER_ERROR, __FILE__, __LINE__);
break;
case 1:
@@ -1355,14 +1354,16 @@ class Smarty_Compiler extends Smarty {
if ($token != '=') {
/* We booleanize the token if it's a non-quoted possible
boolean value. */
if (preg_match('!^(on|yes|true)$!', $token))
if (preg_match('!^(on|yes|true)$!', $token)) {
$token = true;
else if (preg_match('!^(off|no|false)$!', $token))
} else if (preg_match('!^(off|no|false)$!', $token)) {
$token = false;
/* If the token is just a string,
we double-quote it. */
else if (preg_match('!^\w+$!', $token)) {
} else if (preg_match('!^[\w\.]+$!', $token)) {
/* If the token is just a string,
we double-quote it. */
$token = '"'.$token.'"';
} else if (!preg_match('!^' . $this->_obj_call_regexp . '|' . $this->_var_regexp . '(?:' . $this->_mod_regexp . ')?$!', $token)) {
$this->_syntax_error("invalid attribute value: '$token'", E_USER_ERROR, __FILE__, __LINE__);
}
$attrs[$attr_name] = $token;

19
libs/Smarty_Compiler.class.php
View File

@@ -162,7 +162,7 @@ class Smarty_Compiler extends Smarty {
$this->_func_regexp = '[a-zA-Z_]\w*';
// matches valid registered object:
// foo.bar
// foo->bar
$this->_reg_obj_regexp = '[a-zA-Z_]\w*->[a-zA-Z_]\w*';
// matches valid parameter values:
@@ -193,7 +193,6 @@ class Smarty_Compiler extends Smarty {
// foo123($foo,$foo->bar(),"foo")
$this->_func_call_regexp = '(?:' . $this->_func_regexp . '\s*(?:'
. $this->_parenth_param_regexp . '))';
}
/**
@@ -1097,7 +1096,7 @@ class Smarty_Compiler extends Smarty {
preg_match_all('/(?>
' . $this->_obj_call_regexp . '(?:' . $this->_mod_regexp . '*) | # valid object call
' . $this->_var_regexp . '(?:' . $this->_mod_regexp . '*) | # var or quoted string
\-?\d+(?:\.\d+)?|!==|<=>|==|!=|<=|>=|\&\&|\|\||\(|\)|,|\!|\^|=|<|>|\||\%|\+|\-|\/|\* | # valid non-word token
\-?\d+(?:\.\d+)?|\.\d+|!==|<=>|==|!=|<=|>=|\&\&|\|\||\(|\)|,|\!|\^|=|\&|\~|<|>|\||\%|\+|\-|\/|\* | # valid non-word token
\b\w+\b | # valid word token
\S+ # anything else
)/x', $tag_args, $match);
@@ -1338,7 +1337,7 @@ class Smarty_Compiler extends Smarty {
$attr_name = $token;
$state = 1;
} else
$this->_syntax_error("invalid attribute name - '$token'", E_USER_ERROR, __FILE__, __LINE__);
$this->_syntax_error("invalid attribute name: '$token'", E_USER_ERROR, __FILE__, __LINE__);
break;
case 1:
@@ -1355,14 +1354,16 @@ class Smarty_Compiler extends Smarty {
if ($token != '=') {
/* We booleanize the token if it's a non-quoted possible
boolean value. */
if (preg_match('!^(on|yes|true)$!', $token))
if (preg_match('!^(on|yes|true)$!', $token)) {
$token = true;
else if (preg_match('!^(off|no|false)$!', $token))
} else if (preg_match('!^(off|no|false)$!', $token)) {
$token = false;
/* If the token is just a string,
we double-quote it. */
else if (preg_match('!^\w+$!', $token)) {
} else if (preg_match('!^[\w\.]+$!', $token)) {
/* If the token is just a string,
we double-quote it. */
$token = '"'.$token.'"';
} else if (!preg_match('!^' . $this->_obj_call_regexp . '|' . $this->_var_regexp . '(?:' . $this->_mod_regexp . ')?$!', $token)) {
$this->_syntax_error("invalid attribute value: '$token'", E_USER_ERROR, __FILE__, __LINE__);
}
$attrs[$attr_name] = $token;