mirror of
https://github.com/smarty-php/smarty.git
synced 2025-08-05 10:54:27 +02:00
Merge branch 'v2.6.26'
This commit is contained in:
Uwe Tews
3
NEWS
3
NEWS
@@ -1,3 +1,6 @@
|
|||||||
|
- revert super global access changes, and instead rely on
|
||||||
|
USE_SUPER_GLOBALS for security
|
||||||
|
|
||||||
Version 2.6.25 (May 19th, 2009)
|
Version 2.6.25 (May 19th, 2009)
|
||||||
-------------------------------
|
-------------------------------
|
||||||
- fix E_NOTICE when sessions are disabled (mohrt)
|
- fix E_NOTICE when sessions are disabled (mohrt)
|
||||||
|
|||||||
@@ -562,14 +562,6 @@ class Smarty
|
|||||||
*/
|
*/
|
||||||
var $_cache_including = false;
|
var $_cache_including = false;
|
||||||
|
|
||||||
/**
|
|
||||||
* array of super globals internally
|
|
||||||
*
|
|
||||||
* @var array
|
|
||||||
*/
|
|
||||||
var $_supers = array();
|
|
||||||
|
|
||||||
|
|
||||||
/**#@-*/
|
/**#@-*/
|
||||||
/**
|
/**
|
||||||
* The class constructor.
|
* The class constructor.
|
||||||
@@ -578,18 +570,6 @@ class Smarty
|
|||||||
{
|
{
|
||||||
$this->assign('SCRIPT_NAME', isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME']
|
$this->assign('SCRIPT_NAME', isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME']
|
||||||
: @$GLOBALS['HTTP_SERVER_VARS']['SCRIPT_NAME']);
|
: @$GLOBALS['HTTP_SERVER_VARS']['SCRIPT_NAME']);
|
||||||
|
|
||||||
$this->_supers['get'] = $this->request_use_auto_globals ? $_GET : $GLOBALS['HTTP_GET_VARS'];
|
|
||||||
$this->_supers['post'] = $this->request_use_auto_globals ? $_POST : $GLOBALS['HTTP_POST_VARS'];
|
|
||||||
$this->_supers['server'] = $this->request_use_auto_globals ? $_SERVER : $GLOBALS['HTTP_SERVER_VARS'];
|
|
||||||
if(isset($_SESSION))
|
|
||||||
$this->_supers['session'] = $this->request_use_auto_globals ? $_SESSION : $GLOBALS['HTTP_SESSION_VARS'];
|
|
||||||
else
|
|
||||||
$this->_supers['session'] = array();
|
|
||||||
$this->_supers['request'] = $this->request_use_auto_globals ? $_REQUEST : $GLOBALS['HTTP_REQUEST_VARS'];
|
|
||||||
$this->_supers['cookies'] = $this->request_use_auto_globals ? $_COOKIE : $GLOBALS['HTTP_COOKIE_VARS'];
|
|
||||||
$this->_supers['env'] = $this->request_use_auto_globals ? $_ENV : $GLOBALS['HTTP_ENV_VARS'];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -2047,27 +2047,57 @@ class Smarty_Compiler extends Smarty {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'get':
|
case 'get':
|
||||||
$compiled_ref = "\$this->_supers['get']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_GET";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'post':
|
case 'post':
|
||||||
$compiled_ref = "\$this->_supers['post']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_POST";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'cookies':
|
case 'cookies':
|
||||||
$compiled_ref = "\$this->_supers['cookies']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_COOKIE";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'env':
|
case 'env':
|
||||||
$compiled_ref = "\$this->_supers['env']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_ENV";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'server':
|
case 'server':
|
||||||
$compiled_ref = "\$this->_supers['server']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_SERVER";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'session':
|
case 'session':
|
||||||
$compiled_ref = "\$this->_supers['session']";
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$compiled_ref = "\$_SESSION";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -2075,8 +2105,13 @@ class Smarty_Compiler extends Smarty {
|
|||||||
* compiler.
|
* compiler.
|
||||||
*/
|
*/
|
||||||
case 'request':
|
case 'request':
|
||||||
|
if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
|
||||||
|
$this->_syntax_error("(secure mode) super global access not permitted",
|
||||||
|
E_USER_WARNING, __FILE__, __LINE__);
|
||||||
|
return;
|
||||||
|
}
|
||||||
if ($this->request_use_auto_globals) {
|
if ($this->request_use_auto_globals) {
|
||||||
$compiled_ref = "\$this->_supers['request']";
|
$compiled_ref = "\$_REQUEST";
|
||||||
break;
|
break;
|
||||||
} else {
|
} else {
|
||||||
$this->_init_smarty_vars = true;
|
$this->_init_smarty_vars = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user