From 75ccd86c8adc5c4ed64f8e11d8f214db57478380 Mon Sep 17 00:00:00 2001
From: Uwe Tews <uwe.tews@googlemail.com>
Date: Sat, 27 Jun 2015 20:25:54 +0200
Subject: [PATCH] - update {include_php} with new realpath handling

---
 change_log.txt                                         |  3 ++-
 .../sysplugins/smarty_internal_compile_include_php.php | 10 ++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/change_log.txt b/change_log.txt
index 8de26efb..fea821ec 100644
--- a/change_log.txt
+++ b/change_log.txt
@@ -3,7 +3,8 @@
   - bugfix resolve naming conflict between custom Smarty delimiter '<%' and PHP ASP tags https://github.com/smarty-php/smarty/issues/64
   - update $smarty->_realpath for relative path not starting with './'
   - update Smarty security with new realpath handling
-  
+  - update {include_php} with new realpath handling
+
  19.06.2015
   - improvement allow closures as callback at $smarty->registerFilter() https://github.com/smarty-php/smarty/issues/59
 
diff --git a/libs/sysplugins/smarty_internal_compile_include_php.php b/libs/sysplugins/smarty_internal_compile_include_php.php
index 76f506c5..f1b3f9ae 100644
--- a/libs/sysplugins/smarty_internal_compile_include_php.php
+++ b/libs/sysplugins/smarty_internal_compile_include_php.php
@@ -23,6 +23,7 @@ class Smarty_Internal_Compile_Include_Php extends Smarty_Internal_CompileBase
      * @see Smarty_Internal_CompileBase
      */
     public $required_attributes = array('file');
+
     /**
      * Attribute definition: Overwrites base class.
      *
@@ -30,6 +31,7 @@ class Smarty_Internal_Compile_Include_Php extends Smarty_Internal_CompileBase
      * @see Smarty_Internal_CompileBase
      */
     public $shorttag_order = array('file');
+
     /**
      * Attribute definition: Overwrites base class.
      *
@@ -62,7 +64,7 @@ class Smarty_Internal_Compile_Include_Php extends Smarty_Internal_CompileBase
         $_filepath = false;
         eval('$_file = ' . $_attr['file'] . ';');
         if (!isset($compiler->smarty->security_policy) && file_exists($_file)) {
-            $_filepath = $_file;
+            $_filepath = $compiler->smarty->_realpath($_file);
         } else {
             if (isset($compiler->smarty->security_policy)) {
                 $_dir = $compiler->smarty->security_policy->trusted_dir;
@@ -71,9 +73,9 @@ class Smarty_Internal_Compile_Include_Php extends Smarty_Internal_CompileBase
             }
             if (!empty($_dir)) {
                 foreach ((array) $_dir as $_script_dir) {
-                    $_script_dir = rtrim($_script_dir, '/\\') . DS;
-                    if (file_exists($_script_dir . $_file)) {
-                        $_filepath = $_script_dir . $_file;
+                    $_path = $compiler->smarty->_realpath($_script_dir . DS . $_file);
+                    if (file_exists($_path)) {
+                        $_filepath = $_path;
                         break;
                     }
                 }