mirror of
https://github.com/smarty-php/smarty.git
synced 2025-08-06 03:14:27 +02:00
- make the date_format modifier work also on objects of the DateTime class
- implementation of parsetrees in the parser to close security holes and remove unwanted empty line in HTML output
This commit is contained in:
Uwe.Tews
@@ -1,3 +1,7 @@
|
||||
15/08/2010
|
||||
- make the date_format modifier work also on objects of the DateTime class
|
||||
- implementation of parsetrees in the parser to close security holes and remove unwanted empty line in HTML output
|
||||
|
||||
08/07/2010
|
||||
- bugfix on assigning multidimensional arrays within templates
|
||||
- corrected bugfix for truncate modifier
|
||||
|
||||
@@ -19,7 +19,7 @@ function smarty_make_timestamp($string)
|
||||
if(empty($string)) {
|
||||
// use "now":
|
||||
return time();
|
||||
} elseif (is_a($string,'DateTime')) {
|
||||
} elseif ($string instanceof DateTime) {
|
||||
return $string->getTimestamp();
|
||||
} elseif (preg_match('/^\d{14}$/', $string)) {
|
||||
// it is mysql timestamp format of YYYYMMDDHHMMSS?
|
||||
@@ -38,4 +38,4 @@ function smarty_make_timestamp($string)
|
||||
return $time;
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
@@ -26,7 +26,7 @@ class Smarty_Internal_Compile_Block extends Smarty_Internal_CompileBase {
|
||||
$this->optional_attributes = array('assign', 'nocache');
|
||||
// check and get attributes
|
||||
$_attr = $this->_get_attributes($args);
|
||||
$save = array($_attr, $compiler->template->extracted_compiled_code, $compiler->template->extract_code, $this->compiler->nocache);
|
||||
$save = array($_attr, $compiler->parser->current_buffer, $this->compiler->nocache);
|
||||
$this->_open_tag('block', $save);
|
||||
if (isset($_attr['nocache'])) {
|
||||
if ($_attr['nocache'] == 'true') {
|
||||
@@ -34,8 +34,7 @@ class Smarty_Internal_Compile_Block extends Smarty_Internal_CompileBase {
|
||||
}
|
||||
}
|
||||
|
||||
$compiler->template->extract_code = true;
|
||||
$compiler->template->extracted_compiled_code = '';
|
||||
$compiler->parser->current_buffer = new _smarty_template_buffer($compiler->parser);
|
||||
$compiler->has_code = false;
|
||||
return true;
|
||||
}
|
||||
@@ -57,8 +56,6 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
|
||||
$this->compiler = $compiler;
|
||||
$this->smarty = $compiler->smarty;
|
||||
$this->compiler->has_code = true;
|
||||
// turn off block code extraction
|
||||
$compiler->template->extract_code = false;
|
||||
// check and get attributes
|
||||
$this->optional_attributes = array('name');
|
||||
$_attr = $this->_get_attributes($args);
|
||||
@@ -80,11 +77,11 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
|
||||
$_tpl->suppressHeader = true;
|
||||
$_tpl->suppressFileDependency = true;
|
||||
if (strpos($this->smarty->block_data[$_name]['source'], '%%%%SMARTY_PARENT%%%%') !== false) {
|
||||
$_output = str_replace('%%%%SMARTY_PARENT%%%%', $compiler->template->extracted_compiled_code, $_tpl->getCompiledTemplate());
|
||||
$_output = str_replace('%%%%SMARTY_PARENT%%%%', $compiler->parser->current_buffer->to_smarty_php(), $_tpl->getCompiledTemplate());
|
||||
} elseif ($this->smarty->block_data[$_name]['mode'] == 'prepend') {
|
||||
$_output = $_tpl->getCompiledTemplate() . $compiler->template->extracted_compiled_code;
|
||||
$_output = $_tpl->getCompiledTemplate() . $compiler->parser->current_buffer->to_smarty_php();
|
||||
} elseif ($this->smarty->block_data[$_name]['mode'] == 'append') {
|
||||
$_output = $compiler->template->extracted_compiled_code . $_tpl->getCompiledTemplate();
|
||||
$_output = $compiler->parser->current_buffer->to_smarty_php() . $_tpl->getCompiledTemplate();
|
||||
} elseif (!empty($this->smarty->block_data[$_name])) {
|
||||
$_output = $_tpl->getCompiledTemplate();
|
||||
}
|
||||
@@ -102,11 +99,10 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
|
||||
}
|
||||
unset($_tpl);
|
||||
} else {
|
||||
$_output = $compiler->template->extracted_compiled_code;
|
||||
$_output = $compiler->parser->current_buffer->to_smarty_php();
|
||||
}
|
||||
$compiler->template->extracted_compiled_code = $saved_data[1];
|
||||
$compiler->template->extract_code = $saved_data[2];
|
||||
$compiler->nocache = $saved_data[3];
|
||||
$compiler->parser->current_buffer = $saved_data[1];
|
||||
$compiler->nocache = $saved_data[2];
|
||||
// $_output content has already nocache code processed
|
||||
$compiler->suppressNocacheProcessing = true;
|
||||
return $_output;
|
||||
|
||||
@@ -26,7 +26,7 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase {
|
||||
$this->optional_attributes = array('_any');
|
||||
// check and get attributes
|
||||
$_attr = $this->_get_attributes($args);
|
||||
$save = array($_attr, $compiler->template->extracted_compiled_code, $compiler->template->extract_code,
|
||||
$save = array($_attr, $compiler->parser->current_buffer,
|
||||
$compiler->template->has_nocache_code, $compiler->template->required_plugins);
|
||||
$this->_open_tag('function', $save);
|
||||
$_name = trim($_attr['name'], "'\"");
|
||||
@@ -46,8 +46,8 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase {
|
||||
}
|
||||
// Init temporay context
|
||||
$compiler->template->required_plugins = array('compiled' => array(), 'nocache' => array());
|
||||
$compiler->template->extract_code = true;
|
||||
$compiler->template->extracted_compiled_code = $output;
|
||||
$compiler->parser->current_buffer = new _smarty_template_buffer($compiler->parser);
|
||||
$compiler->parser->current_buffer->append_subtree(new _smarty_tag($compiler->parser, $output));
|
||||
$compiler->template->has_nocache_code = false;
|
||||
$compiler->has_code = false;
|
||||
$compiler->template->properties['function'][$_name]['compiled'] = '';
|
||||
@@ -95,20 +95,19 @@ class Smarty_Internal_Compile_Functionclose extends Smarty_Internal_CompileBase
|
||||
// if caching save template function for possible nocache call
|
||||
if ($compiler->template->caching) {
|
||||
$compiler->template->properties['function'][$_name]['compiled'] .= $plugins_string
|
||||
. $compiler->template->extracted_compiled_code;
|
||||
. $compiler->parser->current_buffer->to_smarty_php();
|
||||
$compiler->template->properties['function'][$_name]['nocache_hash'] = $compiler->template->properties['nocache_hash'];
|
||||
$compiler->template->properties['function'][$_name]['has_nocache_code'] = $compiler->template->has_nocache_code;
|
||||
$compiler->smarty->template_functions[$_name] = $compiler->template->properties['function'][$_name];
|
||||
$compiler->has_code = false;
|
||||
$output = true;
|
||||
} else {
|
||||
$output = $plugins_string . $compiler->template->extracted_compiled_code . "<?php \$_smarty_tpl->tpl_vars = \$saved_tpl_vars;}}?>\n";
|
||||
$output = $plugins_string . $compiler->parser->current_buffer->to_smarty_php() . "<?php \$_smarty_tpl->tpl_vars = \$saved_tpl_vars;}}?>\n";
|
||||
}
|
||||
// restore old compiler status
|
||||
$compiler->template->extracted_compiled_code = $saved_data[1];
|
||||
$compiler->template->extract_code = $saved_data[2];
|
||||
$compiler->template->has_nocache_code = $compiler->template->has_nocache_code | $saved_data[3];
|
||||
$compiler->template->required_plugins = $saved_data[4];
|
||||
$compiler->parser->current_buffer = $saved_data[1];
|
||||
$compiler->template->has_nocache_code = $compiler->template->has_nocache_code | $saved_data[2];
|
||||
$compiler->template->required_plugins = $saved_data[3];
|
||||
return $output;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,19 +1,19 @@
|
||||
<?php
|
||||
/**
|
||||
* Smarty Internal Plugin Templateparser Parsetrees
|
||||
*
|
||||
* These are classes to build parsetrees in the template parser
|
||||
*
|
||||
* @package Smarty
|
||||
* @subpackage Compiler
|
||||
* @author Thue Kristensen
|
||||
* @author Uwe Tews
|
||||
*/
|
||||
|
||||
* Smarty Internal Plugin Templateparser Parsetrees
|
||||
*
|
||||
* These are classes to build parsetrees in the template parser
|
||||
*
|
||||
* @package Smarty
|
||||
* @subpackage Compiler
|
||||
* @author Thue Kristensen
|
||||
* @author Uwe Tews
|
||||
*/
|
||||
abstract class _smarty_parsetree {
|
||||
abstract public function to_smarty_php();
|
||||
}
|
||||
|
||||
|
||||
/* A complete smarty tag. */
|
||||
|
||||
class _smarty_tag extends _smarty_parsetree
|
||||
@@ -109,7 +109,6 @@ class _smarty_doublequoted extends _smarty_parsetree {
|
||||
$this->parser->compiler->has_variable_string = true;
|
||||
}
|
||||
}
|
||||
// $code = sprintf("(%s)", $code);
|
||||
return $code;
|
||||
}
|
||||
}
|
||||
@@ -128,5 +127,94 @@ class _smarty_dq_content extends _smarty_parsetree {
|
||||
return '"' . $this->data . '"';
|
||||
}
|
||||
}
|
||||
/* Template element */
|
||||
class _smarty_template_buffer extends _smarty_parsetree {
|
||||
public $subtrees = Array();
|
||||
function __construct($parser)
|
||||
{
|
||||
$this->parser = $parser;
|
||||
}
|
||||
|
||||
function append_subtree(_smarty_parsetree $subtree)
|
||||
{
|
||||
$this->subtrees[] = $subtree;
|
||||
}
|
||||
|
||||
public function to_smarty_php()
|
||||
{
|
||||
$code = '';
|
||||
for ($key = 0, $cnt = count($this->subtrees); $key < $cnt; $key++) {
|
||||
if ($key + 2 < $cnt) {
|
||||
if ($this->subtrees[$key] instanceof _smarty_linebreak && $this->subtrees[$key + 1] instanceof _smarty_tag && $this->subtrees[$key + 1]->data == '' && $this->subtrees[$key + 2] instanceof _smarty_linebreak) {
|
||||
$key = $key + 1;
|
||||
continue;
|
||||
}
|
||||
if (substr($this->subtrees[$key]->data, -1) == '<' && $this->subtrees[$key + 1]->data == '' && substr($this->subtrees[$key + 2]->data, -1) == '?') {
|
||||
$key = $key + 2;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if (substr($code, -1) == '<') {
|
||||
$subtree = $this->subtrees[$key]->to_smarty_php();
|
||||
if (substr($subtree, 0, 1) == '?') {
|
||||
$code = substr($code, 0, strlen($code)-1) . '<<?php ?>?' . substr($subtree, 1);
|
||||
} elseif ($this->parser->asp_tags && substr($subtree, 0, 1) == '%') {
|
||||
$code = substr($code, 0, strlen($code)-1) . '<<?php ?>%' . substr($subtree, 1);
|
||||
} else {
|
||||
$code .= $subtree;
|
||||
}
|
||||
continue;
|
||||
}
|
||||
if ($this->parser->asp_tags && substr($code, -1) == '%') {
|
||||
$subtree = $this->subtrees[$key]->to_smarty_php();
|
||||
if (substr($subtree, 0, 1) == '>') {
|
||||
$code = substr($code, 0, strlen($code)-1) . '%<?php ?>>' . substr($subtree, 1);
|
||||
} else {
|
||||
$code .= $subtree;
|
||||
}
|
||||
continue;
|
||||
}
|
||||
if (substr($code, -1) == '?') {
|
||||
$subtree = $this->subtrees[$key]->to_smarty_php();
|
||||
if (substr($subtree, 0, 1) == '>') {
|
||||
$code = substr($code, 0, strlen($code)-1) . '?<?php ?>>' . substr($subtree, 1);
|
||||
} else {
|
||||
$code .= $subtree;
|
||||
}
|
||||
continue;
|
||||
}
|
||||
$code .= $this->subtrees[$key]->to_smarty_php();
|
||||
}
|
||||
return $code;
|
||||
}
|
||||
}
|
||||
/* template text */
|
||||
class _smarty_text extends _smarty_parsetree {
|
||||
public $data;
|
||||
function __construct($parser, $data)
|
||||
{
|
||||
$this->parser = $parser;
|
||||
$this->data = $data;
|
||||
}
|
||||
|
||||
public function to_smarty_php()
|
||||
{
|
||||
return $this->data;
|
||||
}
|
||||
}
|
||||
/* template linebreaks */
|
||||
class _smarty_linebreak extends _smarty_parsetree {
|
||||
public $data;
|
||||
function __construct($parser, $data)
|
||||
{
|
||||
$this->parser = $parser;
|
||||
$this->data = $data;
|
||||
}
|
||||
|
||||
public function to_smarty_php()
|
||||
{
|
||||
return $this->data;
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
@@ -44,8 +44,6 @@ class Smarty_Internal_Template extends Smarty_Internal_Data {
|
||||
public $mustCompile = null;
|
||||
public $suppressHeader = false;
|
||||
public $suppressFileDependency = false;
|
||||
public $extract_code = false;
|
||||
public $extracted_compiled_code = '';
|
||||
public $has_nocache_code = false;
|
||||
// Rendered content
|
||||
public $rendered_content = null;
|
||||
|
||||
@@ -63,6 +63,7 @@ class Smarty_Internal_Templatelexer
|
||||
'QMARK' => '"?"',
|
||||
'ID' => 'identifier',
|
||||
'OTHER' => 'text',
|
||||
'LINEBREAK' => 'newline',
|
||||
'FAKEPHPSTARTTAG' => 'Fake PHP start tag',
|
||||
'PHPSTARTTAG' => 'PHP start tag',
|
||||
'PHPENDTAG' => 'PHP end tag',
|
||||
@@ -247,7 +248,7 @@ class Smarty_Internal_Templatelexer
|
||||
if ($this->strip) {
|
||||
return false;
|
||||
} else {
|
||||
$this->token = Smarty_Internal_Templateparser::TP_OTHER;
|
||||
$this->token = Smarty_Internal_Templateparser::TP_LINEBREAK;
|
||||
}
|
||||
}
|
||||
function yy_r1_9($yy_subpatterns)
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user