smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-07 03:44:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

- make the date_format modifier work also on objects of the DateTime class

Browse Source 
- implementation of parsetrees in the parser to close security holes and remove unwanted empty line in HTML output
This commit is contained in:
Uwe.Tews
2010-07-14 22:47:37 +00:00
parent 50637fccdd
commit c1e1c03892
8 changed files with 1817 additions and 1742 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
change_log.txt
View File

@@ -1,3 +1,7 @@
15/08/2010
- make the date_format modifier work also on objects of the DateTime class
- implementation of parsetrees in the parser to close security holes and remove unwanted empty line in HTML output
08/07/2010 08/07/2010
- bugfix on assigning multidimensional arrays within templates - bugfix on assigning multidimensional arrays within templates
- corrected bugfix for truncate modifier - corrected bugfix for truncate modifier

4
libs/plugins/shared.make_timestamp.php
View File

@@ -19,7 +19,7 @@ function smarty_make_timestamp($string)
if(empty($string)) { if(empty($string)) {
// use "now": // use "now":
return time(); return time();
} elseif (is_a($string,'DateTime')) { } elseif ($string instanceof DateTime) {
return $string->getTimestamp(); return $string->getTimestamp();
} elseif (preg_match('/^\d{14}$/', $string)) { } elseif (preg_match('/^\d{14}$/', $string)) {
// it is mysql timestamp format of YYYYMMDDHHMMSS? // it is mysql timestamp format of YYYYMMDDHHMMSS?
@@ -38,4 +38,4 @@ function smarty_make_timestamp($string)
return $time; return $time;
} }
} }
?> ?>

20
libs/sysplugins/smarty_internal_compile_block.php
View File

@@ -26,7 +26,7 @@ class Smarty_Internal_Compile_Block extends Smarty_Internal_CompileBase {
$this->optional_attributes = array('assign', 'nocache'); $this->optional_attributes = array('assign', 'nocache');
// check and get attributes // check and get attributes
$_attr = $this->_get_attributes($args); $_attr = $this->_get_attributes($args);
$save = array($_attr, $compiler->template->extracted_compiled_code, $compiler->template->extract_code, $this->compiler->nocache); $save = array($_attr, $compiler->parser->current_buffer, $this->compiler->nocache);
$this->_open_tag('block', $save); $this->_open_tag('block', $save);
if (isset($_attr['nocache'])) { if (isset($_attr['nocache'])) {
if ($_attr['nocache'] == 'true') { if ($_attr['nocache'] == 'true') {
@@ -34,8 +34,7 @@ class Smarty_Internal_Compile_Block extends Smarty_Internal_CompileBase {
} }
} }
$compiler->template->extract_code = true; $compiler->parser->current_buffer = new _smarty_template_buffer($compiler->parser);
$compiler->template->extracted_compiled_code = '';
$compiler->has_code = false; $compiler->has_code = false;
return true; return true;
} }
@@ -57,8 +56,6 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
$this->compiler = $compiler; $this->compiler = $compiler;
$this->smarty = $compiler->smarty; $this->smarty = $compiler->smarty;
$this->compiler->has_code = true; $this->compiler->has_code = true;
// turn off block code extraction
$compiler->template->extract_code = false;
// check and get attributes // check and get attributes
$this->optional_attributes = array('name'); $this->optional_attributes = array('name');
$_attr = $this->_get_attributes($args); $_attr = $this->_get_attributes($args);
@@ -80,11 +77,11 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
$_tpl->suppressHeader = true; $_tpl->suppressHeader = true;
$_tpl->suppressFileDependency = true; $_tpl->suppressFileDependency = true;
if (strpos($this->smarty->block_data[$_name]['source'], '%%%%SMARTY_PARENT%%%%') !== false) { if (strpos($this->smarty->block_data[$_name]['source'], '%%%%SMARTY_PARENT%%%%') !== false) {
$_output = str_replace('%%%%SMARTY_PARENT%%%%', $compiler->template->extracted_compiled_code, $_tpl->getCompiledTemplate()); $_output = str_replace('%%%%SMARTY_PARENT%%%%', $compiler->parser->current_buffer->to_smarty_php(), $_tpl->getCompiledTemplate());
} elseif ($this->smarty->block_data[$_name]['mode'] == 'prepend') { } elseif ($this->smarty->block_data[$_name]['mode'] == 'prepend') {
$_output = $_tpl->getCompiledTemplate() . $compiler->template->extracted_compiled_code; $_output = $_tpl->getCompiledTemplate() . $compiler->parser->current_buffer->to_smarty_php();
} elseif ($this->smarty->block_data[$_name]['mode'] == 'append') { } elseif ($this->smarty->block_data[$_name]['mode'] == 'append') {
$_output = $compiler->template->extracted_compiled_code . $_tpl->getCompiledTemplate(); $_output = $compiler->parser->current_buffer->to_smarty_php() . $_tpl->getCompiledTemplate();
} elseif (!empty($this->smarty->block_data[$_name])) { } elseif (!empty($this->smarty->block_data[$_name])) {
$_output = $_tpl->getCompiledTemplate(); $_output = $_tpl->getCompiledTemplate();
} }
@@ -102,11 +99,10 @@ class Smarty_Internal_Compile_Blockclose extends Smarty_Internal_CompileBase {
} }
unset($_tpl); unset($_tpl);
} else { } else {
$_output = $compiler->template->extracted_compiled_code; $_output = $compiler->parser->current_buffer->to_smarty_php();
} }
$compiler->template->extracted_compiled_code = $saved_data[1]; $compiler->parser->current_buffer = $saved_data[1];
$compiler->template->extract_code = $saved_data[2]; $compiler->nocache = $saved_data[2];
$compiler->nocache = $saved_data[3];
// $_output content has already nocache code processed // $_output content has already nocache code processed
$compiler->suppressNocacheProcessing = true; $compiler->suppressNocacheProcessing = true;
return $_output; return $_output;

17
libs/sysplugins/smarty_internal_compile_function.php
View File

@@ -26,7 +26,7 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase {
$this->optional_attributes = array('_any'); $this->optional_attributes = array('_any');
// check and get attributes // check and get attributes
$_attr = $this->_get_attributes($args); $_attr = $this->_get_attributes($args);
$save = array($_attr, $compiler->template->extracted_compiled_code, $compiler->template->extract_code, $save = array($_attr, $compiler->parser->current_buffer,
$compiler->template->has_nocache_code, $compiler->template->required_plugins); $compiler->template->has_nocache_code, $compiler->template->required_plugins);
$this->_open_tag('function', $save); $this->_open_tag('function', $save);
$_name = trim($_attr['name'], "'\""); $_name = trim($_attr['name'], "'\"");
@@ -46,8 +46,8 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase {
} }
// Init temporay context // Init temporay context
$compiler->template->required_plugins = array('compiled' => array(), 'nocache' => array()); $compiler->template->required_plugins = array('compiled' => array(), 'nocache' => array());
$compiler->template->extract_code = true; $compiler->parser->current_buffer = new _smarty_template_buffer($compiler->parser);
$compiler->template->extracted_compiled_code = $output; $compiler->parser->current_buffer->append_subtree(new _smarty_tag($compiler->parser, $output));
$compiler->template->has_nocache_code = false; $compiler->template->has_nocache_code = false;
$compiler->has_code = false; $compiler->has_code = false;
$compiler->template->properties['function'][$_name]['compiled'] = ''; $compiler->template->properties['function'][$_name]['compiled'] = '';
@@ -95,20 +95,19 @@ class Smarty_Internal_Compile_Functionclose extends Smarty_Internal_CompileBase
// if caching save template function for possible nocache call // if caching save template function for possible nocache call
if ($compiler->template->caching) { if ($compiler->template->caching) {
$compiler->template->properties['function'][$_name]['compiled'] .= $plugins_string $compiler->template->properties['function'][$_name]['compiled'] .= $plugins_string
. $compiler->template->extracted_compiled_code; . $compiler->parser->current_buffer->to_smarty_php();
$compiler->template->properties['function'][$_name]['nocache_hash'] = $compiler->template->properties['nocache_hash']; $compiler->template->properties['function'][$_name]['nocache_hash'] = $compiler->template->properties['nocache_hash'];
$compiler->template->properties['function'][$_name]['has_nocache_code'] = $compiler->template->has_nocache_code; $compiler->template->properties['function'][$_name]['has_nocache_code'] = $compiler->template->has_nocache_code;
$compiler->smarty->template_functions[$_name] = $compiler->template->properties['function'][$_name]; $compiler->smarty->template_functions[$_name] = $compiler->template->properties['function'][$_name];
$compiler->has_code = false; $compiler->has_code = false;
$output = true; $output = true;
} else { } else {
$output = $plugins_string . $compiler->template->extracted_compiled_code . "<?php \$_smarty_tpl->tpl_vars = \$saved_tpl_vars;}}?>\n"; $output = $plugins_string . $compiler->parser->current_buffer->to_smarty_php() . "<?php \$_smarty_tpl->tpl_vars = \$saved_tpl_vars;}}?>\n";
} }
// restore old compiler status // restore old compiler status
$compiler->template->extracted_compiled_code = $saved_data[1]; $compiler->parser->current_buffer = $saved_data[1];
$compiler->template->extract_code = $saved_data[2]; $compiler->template->has_nocache_code = $compiler->template->has_nocache_code | $saved_data[2];
$compiler->template->has_nocache_code = $compiler->template->has_nocache_code | $saved_data[3]; $compiler->template->required_plugins = $saved_data[3];
$compiler->template->required_plugins = $saved_data[4];
return $output; return $output;
} }
} }

110
libs/sysplugins/smarty_internal_parsetree.php
View File

@@ -1,19 +1,19 @@
<?php <?php
/** /**
* Smarty Internal Plugin Templateparser Parsetrees * Smarty Internal Plugin Templateparser Parsetrees
* *
* These are classes to build parsetrees in the template parser * These are classes to build parsetrees in the template parser
* *
* @package Smarty * @package Smarty
* @subpackage Compiler * @subpackage Compiler
* @author Thue Kristensen * @author Thue Kristensen
* @author Uwe Tews * @author Uwe Tews
*/ */
abstract class _smarty_parsetree { abstract class _smarty_parsetree {
abstract public function to_smarty_php(); abstract public function to_smarty_php();
} }
/* A complete smarty tag. */ /* A complete smarty tag. */
class _smarty_tag extends _smarty_parsetree class _smarty_tag extends _smarty_parsetree
@@ -109,7 +109,6 @@ class _smarty_doublequoted extends _smarty_parsetree {
$this->parser->compiler->has_variable_string = true; $this->parser->compiler->has_variable_string = true;
} }
} }
// $code = sprintf("(%s)", $code);
return $code; return $code;
} }
} }
@@ -128,5 +127,94 @@ class _smarty_dq_content extends _smarty_parsetree {
return '"' . $this->data . '"'; return '"' . $this->data . '"';
} }
} }
/* Template element */
class _smarty_template_buffer extends _smarty_parsetree {
public $subtrees = Array();
function __construct($parser)
{
$this->parser = $parser;
}
function append_subtree(_smarty_parsetree $subtree)
{
$this->subtrees[] = $subtree;
}
public function to_smarty_php()
{
$code = '';
for ($key = 0, $cnt = count($this->subtrees); $key < $cnt; $key++) {
if ($key + 2 < $cnt) {
if ($this->subtrees[$key] instanceof _smarty_linebreak && $this->subtrees[$key + 1] instanceof _smarty_tag && $this->subtrees[$key + 1]->data == '' && $this->subtrees[$key + 2] instanceof _smarty_linebreak) {
$key = $key + 1;
continue;
}
if (substr($this->subtrees[$key]->data, -1) == '<' && $this->subtrees[$key + 1]->data == '' && substr($this->subtrees[$key + 2]->data, -1) == '?') {
$key = $key + 2;
continue;
}
}
if (substr($code, -1) == '<') {
$subtree = $this->subtrees[$key]->to_smarty_php();
if (substr($subtree, 0, 1) == '?') {
$code = substr($code, 0, strlen($code)-1) . '<<?php ?>?' . substr($subtree, 1);
} elseif ($this->parser->asp_tags && substr($subtree, 0, 1) == '%') {
$code = substr($code, 0, strlen($code)-1) . '<<?php ?>%' . substr($subtree, 1);
} else {
$code .= $subtree;
}
continue;
}
if ($this->parser->asp_tags && substr($code, -1) == '%') {
$subtree = $this->subtrees[$key]->to_smarty_php();
if (substr($subtree, 0, 1) == '>') {
$code = substr($code, 0, strlen($code)-1) . '%<?php ?>>' . substr($subtree, 1);
} else {
$code .= $subtree;
}
continue;
}
if (substr($code, -1) == '?') {
$subtree = $this->subtrees[$key]->to_smarty_php();
if (substr($subtree, 0, 1) == '>') {
$code = substr($code, 0, strlen($code)-1) . '?<?php ?>>' . substr($subtree, 1);
} else {
$code .= $subtree;
}
continue;
}
$code .= $this->subtrees[$key]->to_smarty_php();
}
return $code;
}
}
/* template text */
class _smarty_text extends _smarty_parsetree {
public $data;
function __construct($parser, $data)
{
$this->parser = $parser;
$this->data = $data;
}
public function to_smarty_php()
{
return $this->data;
}
}
/* template linebreaks */
class _smarty_linebreak extends _smarty_parsetree {
public $data;
function __construct($parser, $data)
{
$this->parser = $parser;
$this->data = $data;
}
public function to_smarty_php()
{
return $this->data;
}
}
?> ?>

2
libs/sysplugins/smarty_internal_template.php
View File

@@ -44,8 +44,6 @@ class Smarty_Internal_Template extends Smarty_Internal_Data {
public $mustCompile = null; public $mustCompile = null;
public $suppressHeader = false; public $suppressHeader = false;
public $suppressFileDependency = false; public $suppressFileDependency = false;
public $extract_code = false;
public $extracted_compiled_code = '';
public $has_nocache_code = false; public $has_nocache_code = false;
// Rendered content // Rendered content
public $rendered_content = null; public $rendered_content = null;

3
libs/sysplugins/smarty_internal_templatelexer.php
View File

@@ -63,6 +63,7 @@ class Smarty_Internal_Templatelexer
'QMARK' => '"?"', 'QMARK' => '"?"',
'ID' => 'identifier', 'ID' => 'identifier',
'OTHER' => 'text', 'OTHER' => 'text',
'LINEBREAK' => 'newline',
'FAKEPHPSTARTTAG' => 'Fake PHP start tag', 'FAKEPHPSTARTTAG' => 'Fake PHP start tag',
'PHPSTARTTAG' => 'PHP start tag', 'PHPSTARTTAG' => 'PHP start tag',
'PHPENDTAG' => 'PHP end tag', 'PHPENDTAG' => 'PHP end tag',
@@ -247,7 +248,7 @@ class Smarty_Internal_Templatelexer
if ($this->strip) { if ($this->strip) {
return false; return false;
} else { } else {
$this->token = Smarty_Internal_Templateparser::TP_OTHER; $this->token = Smarty_Internal_Templateparser::TP_LINEBREAK;
} }
} }
function yy_r1_9($yy_subpatterns) function yy_r1_9($yy_subpatterns)

3399
libs/sysplugins/smarty_internal_templateparser.php
View File

File diff suppressed because it is too large Load Diff