smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-05 02:44:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

convert writeFile() to object method to remove a vulnerability

Browse Source
This commit is contained in:
Uwe Tews
2015-01-21 21:12:00 +01:00
parent 7a1df12afa
commit 85f24ce413
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libs/sysplugins/smarty_internal_cacheresource_file.php
View File

@@ -106,7 +106,8 @@ class Smarty_Internal_CacheResource_File extends Smarty_CacheResource
*/ */
public function writeCachedContent(Smarty_Internal_Template $_template, $content) public function writeCachedContent(Smarty_Internal_Template $_template, $content)
{ {
if (Smarty_Internal_Write_File::writeFile($_template->cached->filepath, $content, $_template->smarty) === true) { $obj = new Smarty_Internal_Write_File();
if ($obj->writeFile($_template->cached->filepath, $content, $_template->smarty) === true) {
$_template->cached->timestamp = @filemtime($_template->cached->filepath); $_template->cached->timestamp = @filemtime($_template->cached->filepath);
$_template->cached->exists = !!$_template->cached->timestamp; $_template->cached->exists = !!$_template->cached->timestamp;
if ($_template->cached->exists) { if ($_template->cached->exists) {

2
libs/sysplugins/smarty_internal_write_file.php
View File

@@ -25,7 +25,7 @@ class Smarty_Internal_Write_File
* @throws SmartyException * @throws SmartyException
* @return boolean true * @return boolean true
*/ */
public static function writeFile($_filepath, $_contents, Smarty $smarty) public function writeFile($_filepath, $_contents, Smarty $smarty)
{ {
$_error_reporting = error_reporting(); $_error_reporting = error_reporting();
error_reporting($_error_reporting & ~E_NOTICE & ~E_WARNING); error_reporting($_error_reporting & ~E_NOTICE & ~E_WARNING);

3
libs/sysplugins/smarty_template_compiled.php
View File

@@ -247,7 +247,8 @@ class Smarty_Template_Compiled
public function write(Smarty_Internal_Template $_template, $code) public function write(Smarty_Internal_Template $_template, $code)
{ {
if (!$_template->source->recompiled) { if (!$_template->source->recompiled) {
if (Smarty_Internal_Write_File::writeFile($this->filepath, $code, $_template->smarty) === true) { $obj = new Smarty_Internal_Write_File();
if ($obj->writeFile($this->filepath, $code, $_template->smarty) === true) {
$this->timestamp = @filemtime($this->filepath); $this->timestamp = @filemtime($this->filepath);
$this->exists = !!$this->timestamp; $this->exists = !!$this->timestamp;
if ($this->exists) { if ($this->exists) {