smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-05 19:04:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

disable variable func calls completely

Browse Source
This commit is contained in:
mohrt
2005-03-30 16:48:41 +00:00
parent 3297026a00
commit 741ffd0e92
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libs/Smarty_Compiler.class.php
View File

@@ -1372,9 +1372,9 @@ class Smarty_Compiler extends Smarty {
!in_array($token, $this->security_settings['IF_FUNCS'])) { !in_array($token, $this->security_settings['IF_FUNCS'])) {
$this->_syntax_error("(secure mode) '$token' not allowed in if statement", E_USER_ERROR, __FILE__, __LINE__); $this->_syntax_error("(secure mode) '$token' not allowed in if statement", E_USER_ERROR, __FILE__, __LINE__);
} }
} elseif($this->security && preg_match('~^' . $this->_var_regexp . '$~', $token) && isset($tokens[$i+1]) && $tokens[$i+1] == '(') { } elseif(preg_match('~^' . $this->_var_regexp . '$~', $token) && isset($tokens[$i+1]) && $tokens[$i+1] == '(') {
// variable function call // variable function call
$this->_syntax_error("(secure mode) variable function call '$token' not allowed in if statement", E_USER_ERROR, __FILE__, __LINE__); $this->_syntax_error("variable function call '$token' not allowed in if statement", E_USER_ERROR, __FILE__, __LINE__);
} elseif(preg_match('~^' . $this->_obj_call_regexp . '|' . $this->_var_regexp . '(?:' . $this->_mod_regexp . '*)$~', $token)) { } elseif(preg_match('~^' . $this->_obj_call_regexp . '|' . $this->_var_regexp . '(?:' . $this->_mod_regexp . '*)$~', $token)) {
// object or variable // object or variable
$token = $this->_parse_var_props($token); $token = $this->_parse_var_props($token);