smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-06 03:14:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix php tag escapement logic

Browse Source
This commit is contained in:
mohrt
2001-02-10 22:46:40 +00:00
parent 7ba32aee46
commit 7b3bdfd837
3 changed files with 43 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@@ -1,3 +1,4 @@
- fix php tag escapement logic (Monte)
- added header function (Monte)
- added file locking to prevent reader/writer problem. (Andrei)
- made Smarty catch unimplemented modifiers and custom functions and output

24
Smarty.class.php
View File

@@ -1,4 +1,4 @@
<?
<?php
/*
* Project: Smarty: the PHP compiling template engine
* File: Smarty.class.php
@@ -509,9 +509,25 @@ class Smarty
$template_tags = $match[1];
/* Split content by template tags to obtain non-template content. */
$text_blocks = preg_split("!{$ldq}.*?{$rdq}!s", $template_contents);
if(!$this->allow_php) {
/* Escape php tags. */
$text_blocks = preg_replace('!<\?([^?]*?)\?>!', '&lt;?$1?&gt;', $text_blocks);
$special_tags = preg_match_all('!(<\?[^?]*?\?>)!i',$text_blocks,$sp_match);
/* TODO: speed up the following with preg_replace and /F once we require that version of PHP */
/* loop through text blocks */
for($curr_tb = 0; $curr_tb <= count($text_blocks); $curr_tb++) {
/* match anything within <? ?> */
if(preg_match_all('!(<\?[^?]*?\?>)!i',$text_blocks[$curr_tb],$sp_match)) {
/* found at least one match, loop through each one */
foreach($sp_match[0] as $curr_sp) {
if(!$this->allow_php)
/* we don't allow php, so echo anything in <? ?> */
$text_blocks[$curr_tb] = str_replace($curr_sp,'<?php echo \''.addslashes($curr_sp).'\'; ?>',$text_blocks[$curr_tb]);
elseif(!preg_match("!^<\?(php | )!i",$curr_sp))
/* we allow php, so echo only non-php such as <?xml ?> */
$text_blocks[$curr_tb] = str_replace($curr_sp,'<?php echo \''.addslashes($curr_sp).'\'; ?>',$text_blocks[$curr_tb]);
}
}
}
/* Compile the template tags into PHP code. */

24
libs/Smarty.class.php
View File

@@ -1,4 +1,4 @@
<?
<?php
/*
* Project: Smarty: the PHP compiling template engine
* File: Smarty.class.php
@@ -509,9 +509,25 @@ class Smarty
$template_tags = $match[1];
/* Split content by template tags to obtain non-template content. */
$text_blocks = preg_split("!{$ldq}.*?{$rdq}!s", $template_contents);
if(!$this->allow_php) {
/* Escape php tags. */
$text_blocks = preg_replace('!<\?([^?]*?)\?>!', '&lt;?$1?&gt;', $text_blocks);
$special_tags = preg_match_all('!(<\?[^?]*?\?>)!i',$text_blocks,$sp_match);
/* TODO: speed up the following with preg_replace and /F once we require that version of PHP */
/* loop through text blocks */
for($curr_tb = 0; $curr_tb <= count($text_blocks); $curr_tb++) {
/* match anything within <? ?> */
if(preg_match_all('!(<\?[^?]*?\?>)!i',$text_blocks[$curr_tb],$sp_match)) {
/* found at least one match, loop through each one */
foreach($sp_match[0] as $curr_sp) {
if(!$this->allow_php)
/* we don't allow php, so echo anything in <? ?> */
$text_blocks[$curr_tb] = str_replace($curr_sp,'<?php echo \''.addslashes($curr_sp).'\'; ?>',$text_blocks[$curr_tb]);
elseif(!preg_match("!^<\?(php | )!i",$curr_sp))
/* we allow php, so echo only non-php such as <?xml ?> */
$text_blocks[$curr_tb] = str_replace($curr_sp,'<?php echo \''.addslashes($curr_sp).'\'; ?>',$text_blocks[$curr_tb]);
}
}
}
/* Compile the template tags into PHP code. */