smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-07-29 23:47:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Initial attempt. I think we can do this with less impact on compilation flow and thus less risk for stability.

Browse Source
This commit is contained in:
Simon Wisselink
2024-07-05 11:12:44 +02:00
parent 9fc96a13db
commit cba469bf3e
3 changed files with 898 additions and 800 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
lexer/smarty_internal_templateparser.y
View File

@ -759,6 +759,19 @@ value(res) ::= varindexed(vi) DOUBLECOLON static_class_access(r). {
res = $prefixVar .'::'.r[0].r[1];
}
value(res) ::= varindexed(vi) DOUBLECOLON static_class_constant(r). {
if ($this->security && $this->security->static_classes !== array()) {
$this->compiler->trigger_template_error('dynamic static class not allowed by security setting');
}
$prefixVar = $this->compiler->getNewPrefixVariable();
if (vi['var'] === '\'smarty\'') {
$this->compiler->appendPrefixCode("<?php {$prefixVar} = ". $this->compiler->compileTag('private_special_variable',array(),vi['smarty_internal_index']).';?>');
} else {
$this->compiler->appendPrefixCode("<?php {$prefixVar} = ". $this->compiler->compileVariable(vi['var']).vi['smarty_internal_index'].';?>');
}
res = $prefixVar .'::'.r[0];
}
// Smarty tag
value(res) ::= smartytag(st). {
$prefixVar = $this->compiler->getNewPrefixVariable();
@ -779,7 +792,21 @@ value(res) ::= NAMESPACE(c). {
value(res) ::= arraydef(a). {
res = a;
}
// static class access
// static class constant access
value(res) ::= ns1(c)DOUBLECOLON static_class_constant(s). {
if (!in_array(strtolower(c), array('self', 'parent')) && (!$this->security || $this->security->isTrustedStaticClassAccess(c, s, $this->compiler))) {
if (isset($this->smarty->registered_classes[c])) {
res = $this->smarty->registered_classes[c].'::'.s[0];
} else {
res = c.'::'.s[0];
}
} else {
$this->compiler->trigger_template_error ('static class \''.c.'\' is undefined or not allowed by security setting');
}
}
// other static class access
value(res) ::= ns1(c)DOUBLECOLON static_class_access(s). {
if (!in_array(strtolower(c), array('self', 'parent')) && (!$this->security || $this->security->isTrustedStaticClassAccess(c, s, $this->compiler))) {
if (isset($this->smarty->registered_classes[c])) {
@ -1111,6 +1138,11 @@ modparameter(res) ::= COLON array(mp). {
res = array(mp);
}
// static class constant
static_class_constant(res) ::= ID(v). {
res = array(v);
}
// static class methode call
static_class_access(res) ::= method(m). {
res = array(m, '', 'method');
@ -1121,11 +1153,6 @@ static_class_access(res) ::= method(m) objectchain(oc). {
res = array(m, oc, 'method');
}
// static class constant
static_class_access(res) ::= ID(v). {
res = array(v, '');
}
// static class variables
static_class_access(res) ::= DOLLARID(v) arrayindex(a). {
res = array(v, a, 'property');

1644
libs/sysplugins/smarty_internal_templateparser.php
View File

File diff suppressed because it is too large Load Diff

15
tests/UnitTests/TemplateSource/ValueTests/PHPfunctions/PhpFunctionTest.php
View File

@ -255,8 +255,9 @@ class PhpFunctionTest extends PHPUnit_Smarty
}
if ($shouldTriggerDeprecationNotice) {
$this->assertStringContainsString('Using unregistered function', $errorMessage);
$this->assertStringContainsString('Using unregistered ', $errorMessage);
} else {
$this->assertEquals('', $errorMessage);
$this->assertEquals($expected, $output);
$this->assertEquals('', $errorMessage);
}
@ -295,6 +296,9 @@ class PhpFunctionTest extends PHPUnit_Smarty
['{$a|addslashes}', '', true],
['{$a|sha1}', '', true],
['{$a|get_parent_class}', '', true],
['{StaticMethodsTesterClass::giveMeEmptyString($a)}', '', true],
['{StaticMethodsTesterClass::EMPTY_STRING}', '', false],
];
}
@ -326,3 +330,12 @@ class TestIsset {
return $v;
}
}
class StaticMethodsTesterClass {
const EMPTY_STRING = '';
public static function giveMeEmptyString($data) {
return '';
}
}