smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-06 19:34:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

- fixed E_STRICT incompabilities

Browse Source 
- {function} tag bug fix 
- security policy definitions have been moved from plugins folder to file Security.class.php in libs folder
- added allow_super_global configuration to security
This commit is contained in:
Uwe.Tews
2009-05-05 17:19:33 +00:00
parent 5bbc44f35d
commit d7a8731ac9
11 changed files with 814 additions and 764 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
change_log.txt
View File

@@ -1,3 +1,9 @@
05/05/2009
- fixed E_STRICT incompabilities
- {function} tag bug fix
- security policy definitions have been moved from plugins folder to file Security.class.php in libs folder
- added allow_super_global configuration to security
04/30/2009 04/30/2009
- functions defined with the {function} tag now always have global scope - functions defined with the {function} tag now always have global scope

6
libs/plugins/securitypolicy.default.php → libs/Security.class.php
View File

@@ -3,7 +3,7 @@
* Smarty plugin * Smarty plugin
* *
* @package Smarty * @package Smarty
* @subpackage PluginsConfiguration * @subpackage Security
* @author Uwe Tews * @author Uwe Tews
*/ */
define('SMARTY_PHP_PASSTHRU', 0); define('SMARTY_PHP_PASSTHRU', 0);
@@ -78,6 +78,10 @@ class Smarty_Security_Policy {
+ flag if constants can be accessed from template + flag if constants can be accessed from template
*/ */
public $allow_constants = true; public $allow_constants = true;
/**
+ flag if super globals can be accessed from template
*/
public $allow_super_globals = true;
} }
?> ?>

61
libs/Smarty.class.php
View File

@@ -64,7 +64,7 @@ require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'sysplugins' . DIRECTORY_
*/ */
class Smarty extends Smarty_Internal_TemplateBase { class Smarty extends Smarty_Internal_TemplateBase {
// smarty version // smarty version
static $_version = 'Smarty3Alpha'; public static $_version = 'Smarty3Alpha';
// class used for templates // class used for templates
public $template_class = 'Smarty_Internal_Template'; public $template_class = 'Smarty_Internal_Template';
// display error on not assigned variabled // display error on not assigned variabled
@@ -114,11 +114,11 @@ class Smarty extends Smarty_Internal_TemplateBase {
public $debug_tpl = null; public $debug_tpl = null;
public $request_use_auto_globals = true; public $request_use_auto_globals = true;
// When set, smarty does uses this value as error_reporting-level. // When set, smarty does uses this value as error_reporting-level.
public $error_reporting = null; public $error_reporting = null;
// config var settings // config var settings
public $config_overwrite = true; //Controls whether variables with the same name overwrite each other. public $config_overwrite = true; //Controls whether variables with the same name overwrite each other.
public $config_booleanize = true; //Controls whether config values of on/true/yes and off/false/no get converted to boolean public $config_booleanize = true; //Controls whether config values of on/true/yes and off/false/no get converted to boolean
public $config_read_hidden = true; //Controls whether hidden config sections/vars are read from the file. public $config_read_hidden = true; //Controls whether hidden config sections/vars are read from the file.
// config vars // config vars
public $config_vars = array(); public $config_vars = array();
// assigned tpl vars // assigned tpl vars
@@ -126,7 +126,7 @@ class Smarty extends Smarty_Internal_TemplateBase {
// assigned global tpl vars // assigned global tpl vars
public $global_tpl_vars = array(); public $global_tpl_vars = array();
// dummy parent object // dummy parent object
public $parent = null; public $parent = null;
// global template functions // global template functions
public $template_functions = null; public $template_functions = null;
// system plugins directory // system plugins directory
@@ -146,7 +146,7 @@ class Smarty extends Smarty_Internal_TemplateBase {
// exception handler: set null to disable // exception handler: set null to disable
public $exception_handler = array('SmartyException', 'getStaticException'); public $exception_handler = array('SmartyException', 'getStaticException');
// cached template objects // cached template objects
static $template_objects = null; public $template_objects = null;
// check If-Modified-Since headers // check If-Modified-Since headers
public $cache_modified_check = false; public $cache_modified_check = false;
// registered plugins // registered plugins
@@ -255,7 +255,6 @@ class Smarty extends Smarty_Internal_TemplateBase {
* Sets a static instance of the smarty object. Retrieve with: * Sets a static instance of the smarty object. Retrieve with:
* $smarty = Smarty::instance(); * $smarty = Smarty::instance();
* *
* @param object $new_instance the Smarty object when setting
* @return object reference to Smarty object * @return object reference to Smarty object
*/ */
public static function &instance($new_instance = null) public static function &instance($new_instance = null)
@@ -335,9 +334,13 @@ class Smarty extends Smarty_Internal_TemplateBase {
* *
* @param string $security_policy plugin to load * @param string $security_policy plugin to load
*/ */
public function enableSecurity($security_policy = 'Smarty_SecurityPolicy_Default') public function enableSecurity($security_policy_file = null)
{ {
if ($this->loadPlugin($security_policy)) { if (!isset($security_policy_file)) {
$security_policy_file = SMARTY_DIR . 'Security.class.php';
}
if (file_exists($security_policy_file)) {
require_once($security_policy_file);
if (!class_exists('Smarty_Security_Policy')) { if (!class_exists('Smarty_Security_Policy')) {
throw new Exception("Security policy must define class 'Smarty_Security_Policy'"); throw new Exception("Security policy must define class 'Smarty_Security_Policy'");
} }
@@ -346,7 +349,7 @@ class Smarty extends Smarty_Internal_TemplateBase {
$this->security_handler = new Smarty_Internal_Security_Handler(); $this->security_handler = new Smarty_Internal_Security_Handler();
$this->security = true; $this->security = true;
} else { } else {
throw new Exception("Security policy {$security_policy} not found"); throw new Exception("Security policy {$security_policy_file} not found");
} }
} }
@@ -427,28 +430,28 @@ class Smarty extends Smarty_Internal_TemplateBase {
return true; return true;
// Plugin name is expected to be: Smarty_[Type]_[Name] // Plugin name is expected to be: Smarty_[Type]_[Name]
$plugin_name = strtolower($plugin_name); $plugin_name = strtolower($plugin_name);
$name_parts = explode('_', $plugin_name, 3); $_name_parts = explode('_', $plugin_name, 3);
// class name must have three parts to be valid plugin // class name must have three parts to be valid plugin
if (count($name_parts) < 3 || $name_parts[0] !== 'smarty') { if (count($_name_parts) < 3 || $_name_parts[0] !== 'smarty') {
throw new Exception("plugin {$plugin_name} is not a valid name format"); throw new Exception("plugin {$plugin_name} is not a valid name format");
return false; return false;
} }
// plugin filename is expected to be: [type].[name].php // plugin filename is expected to be: [type].[name].php
$plugin_filename = "{$name_parts[1]}.{$name_parts[2]}{$this->php_ext}"; $_plugin_filename = "{$_name_parts[1]}.{$_name_parts[2]}{$this->php_ext}";
// if type is "internal", get plugin from sysplugins // if type is "internal", get plugin from sysplugins
if ($name_parts[1] == 'internal') { if ($_name_parts[1] == 'internal') {
if (file_exists($this->sysplugins_dir . $plugin_filename)) { if (file_exists($this->sysplugins_dir . $_plugin_filename)) {
require_once($this->sysplugins_dir . $plugin_filename); require_once($this->sysplugins_dir . $_plugin_filename);
return true; return true;
} else { } else {
return false; return false;
} }
} }
// loop through plugin dirs and find the plugin // loop through plugin dirs and find the plugin
foreach((array)$this->plugins_dir as $plugin_dir) { foreach((array)$this->plugins_dir as $_plugin_dir) {
if (file_exists($plugin_dir . $plugin_filename)) { if (file_exists($_plugin_dir . $_plugin_filename)) {
require_once($plugin_dir . $plugin_filename); require_once($_plugin_dir . $_plugin_filename);
return true; return true;
} }
} }
// no plugin loaded // no plugin loaded
@@ -477,19 +480,19 @@ class Smarty extends Smarty_Internal_TemplateBase {
*/ */
public function __call($name, $args) public function __call($name, $args)
{ {
$class_name = "Smarty_Method_{$name}"; $_class_name = "Smarty_Method_{$name}";
if (!class_exists($class_name, false)) { if (!class_exists($_class_name, false)) {
$plugin_filename = strtolower('method.' . $name . $this->php_ext); $_plugin_filename = strtolower('method.' . $name . $this->php_ext);
if (!file_exists($this->sysplugins_dir . $plugin_filename)) { if (!file_exists($this->sysplugins_dir . $_plugin_filename)) {
throw new Exception("Sysplugin file " . $plugin_filename . " does not exist"); throw new Exception("Sysplugin file " . $_plugin_filename . " does not exist");
} }
require_once($this->sysplugins_dir . $plugin_filename); require_once($this->sysplugins_dir . $_plugin_filename);
if (!class_exists($class_name, false)) { if (!class_exists($_class_name, false)) {
throw new Exception ("Sysplugin file " . $plugin_filename . " does not define class " . $class_name); throw new Exception ("Sysplugin file " . $_plugin_filename . " does not define class " . $_class_name);
} }
} }
$method = new $class_name; $_method_object = new $_class_name;
return call_user_func_array(array($method, 'execute'), $args); return call_user_func_array(array($_method_object, 'execute'), $args);
} }
} }

2
libs/sysplugins/internal.compile_extend.php
View File

@@ -35,7 +35,7 @@ class Smarty_Internal_Compile_Extend extends Smarty_Internal_CompileBase {
$compiler->template->properties['file_dependency'][] = array($_template->getTemplateFilepath(), $_template->getTemplateTimestamp()); $compiler->template->properties['file_dependency'][] = array($_template->getTemplateFilepath(), $_template->getTemplateTimestamp());
// $_old_source = preg_replace ('/' . $this->smarty->left_delimiter . 'extend\s+(?:file=)?\s*(\S+?|(["\']).+?\2)' . $this->smarty->right_delimiter . '/i', '' , $compiler->template->template_source, 1); // $_old_source = preg_replace ('/' . $this->smarty->left_delimiter . 'extend\s+(?:file=)?\s*(\S+?|(["\']).+?\2)' . $this->smarty->right_delimiter . '/i', '' , $compiler->template->template_source, 1);
$_old_source = $compiler->template->template_source; $_old_source = $compiler->template->template_source;
$_old_source = preg_replace_callback('/(' . $this->smarty->left_delimiter . 'block(.+?)' . $this->smarty->right_delimiter . ')((?:\r?\n?)(.*?)(?:\r?\n?))(' . $this->smarty->left_delimiter . '\/block(.*?)' . $this->smarty->right_delimiter . ')/is', array('Smarty_Internal_Compile_Extend', 'saveBlockData'), $_old_source); $_old_source = preg_replace_callback('/(' . $this->smarty->left_delimiter . 'block(.+?)' . $this->smarty->right_delimiter . ')((?:\r?\n?)(.*?)(?:\r?\n?))(' . $this->smarty->left_delimiter . '\/block(.*?)' . $this->smarty->right_delimiter . ')/is', array($this, 'saveBlockData'), $_old_source);
$compiler->template->template_source = $_template->getTemplateSource(); $compiler->template->template_source = $_template->getTemplateSource();
$compiler->abort_and_recompile = true; $compiler->abort_and_recompile = true;
return ' '; return ' ';

1
libs/sysplugins/internal.compile_foreach.php
View File

@@ -56,7 +56,6 @@ class Smarty_Internal_Compile_Foreach extends Smarty_Internal_CompileBase {
$output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['total'] = \$_smarty_tpl->tpl_vars[$item]->total;\n"; $output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['total'] = \$_smarty_tpl->tpl_vars[$item]->total;\n";
$output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['iteration']=0;\n"; $output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['iteration']=0;\n";
$output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['index']=-1;\n"; $output .= " \$_smarty_tpl->tpl_vars['smarty']->value['foreach'][$name]['index']=-1;\n";
$output .= " \$_smarty_tpl->tpl_vars['smarty']->scope = 0;\n";
} }
$output .= "if (count(\$_from) > 0){\n"; $output .= "if (count(\$_from) > 0){\n";
$output .= " foreach (\$_from as \$_smarty_tpl->tpl_vars[$item]->key => \$_smarty_tpl->tpl_vars[$item]->value){\n"; $output .= " foreach (\$_from as \$_smarty_tpl->tpl_vars[$item]->key => \$_smarty_tpl->tpl_vars[$item]->value){\n";

2
libs/sysplugins/internal.compile_function.php
View File

@@ -32,6 +32,8 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase {
foreach ($_attr as $_key => $_data) { foreach ($_attr as $_key => $_data) {
$compiler->template->properties['function'][$_name]['parameter'][$_key] = $_data; $compiler->template->properties['function'][$_name]['parameter'][$_key] = $_data;
} }
// make function known for recursive calls
$this->smarty->template_functions[$_name]['compiled'] = '';
$compiler->template->extract_code = true; $compiler->template->extract_code = true;
$compiler->template->extracted_compiled_code = ''; $compiler->template->extracted_compiled_code = '';
$compiler->template->has_code = false; $compiler->template->has_code = false;

1
libs/sysplugins/internal.compile_section.php
View File

@@ -34,7 +34,6 @@ class Smarty_Internal_Compile_Section extends Smarty_Internal_CompileBase {
$section_name = $_attr['name']; $section_name = $_attr['name'];
$output .= "unset(\$_smarty_tpl->tpl_vars['smarty']->value['section'][$section_name]);\n"; $output .= "unset(\$_smarty_tpl->tpl_vars['smarty']->value['section'][$section_name]);\n";
$output .= "\$_smarty_tpl->tpl_vars['smarty']->scope = 0;\n";
$section_props = "\$_smarty_tpl->tpl_vars['smarty']->value['section'][$section_name]"; $section_props = "\$_smarty_tpl->tpl_vars['smarty']->value['section'][$section_name]";
foreach ($_attr as $attr_name => $attr_value) { foreach ($_attr as $attr_name => $attr_value) {

20
libs/sysplugins/internal.debug.php
View File

@@ -16,16 +16,16 @@ class Smarty_Internal_Debug extends Smarty_Internal_TemplateBase {
/** /**
* Opens a window for the Smarty Debugging Consol and display the data * Opens a window for the Smarty Debugging Consol and display the data
*/ */
public function display_debug() public static function display_debug()
{ {
$this->smarty = Smarty::instance(); $smarty = Smarty::instance();
// get template names // get template names
$i = 0; $i = 0;
$_template_data = array(); $_template_data = array();
if (is_array(Smarty::$template_objects)) { if (is_array($smarty->template_objects)) {
foreach (Smarty::$template_objects as $_template_obj) { foreach ($smarty->template_objects as $_template_obj) {
// exclude the debugging template from displayed data // exclude the debugging template from displayed data
if ($this->smarty->debug_tpl != $_template_obj->resource_name) { if ($smarty->debug_tpl != $_template_obj->resource_name) {
$_template_data[$i]['name'] = $_template_obj->getTemplateFilepath(); $_template_data[$i]['name'] = $_template_obj->getTemplateFilepath();
$_template_data[$i]['compile_time'] = $_template_obj->compile_time; $_template_data[$i]['compile_time'] = $_template_obj->compile_time;
$_template_data[$i]['render_time'] = $_template_obj->render_time; $_template_data[$i]['render_time'] = $_template_obj->render_time;
@@ -44,19 +44,19 @@ class Smarty_Internal_Debug extends Smarty_Internal_TemplateBase {
} }
} }
// prepare information of assigned variables // prepare information of assigned variables
$_assigned_vars = $this->smarty->tpl_vars; $_assigned_vars = $smarty->tpl_vars;
ksort($_assigned_vars); ksort($_assigned_vars);
$_config_vars = $this->smarty->config_vars; $_config_vars = $smarty->config_vars;
ksort($_config_vars); ksort($_config_vars);
$_template = new Smarty_Template ($this->smarty->debug_tpl); $_template = new Smarty_Template ($smarty->debug_tpl);
$_template->caching = false; $_template->caching = false;
$_template->force_compile = false; $_template->force_compile = false;
$_template->security = false; $_template->security = false;
$_template->assign('template_data', $_template_data); $_template->assign('template_data', $_template_data);
$_template->assign('assigned_vars', $_assigned_vars); $_template->assign('assigned_vars', $_assigned_vars);
$_template->assign('config_vars', $_config_vars); $_template->assign('config_vars', $_config_vars);
$_template->assign('execution_time', $this->smarty->_get_time() - $this->smarty->start_time); $_template->assign('execution_time', $smarty->_get_time() - $smarty->start_time);
echo $this->smarty->fetch($_template); echo $smarty->fetch($_template);
} }
} }

6
libs/sysplugins/internal.template.php
View File

@@ -90,7 +90,9 @@ class Smarty_Internal_Template extends Smarty_Internal_TemplateBase {
$this->security = $this->smarty->security; $this->security = $this->smarty->security;
$this->cache_resource_class = 'Smarty_Internal_CacheResource_' . ucfirst($this->caching_type); $this->cache_resource_class = 'Smarty_Internal_CacheResource_' . ucfirst($this->caching_type);
$this->parent = $_parent; $this->parent = $_parent;
$this->properties['file_dependency'] = array(); $this->properties['file_dependency'] = array();
// dummy local smarty variable
$this->tpl_vars['smarty'] = new Smarty_Variable;
// Template resource // Template resource
$this->template_resource = $template_resource; $this->template_resource = $template_resource;
// parse resource name // parse resource name
@@ -566,7 +568,7 @@ class Smarty_Internal_Template extends Smarty_Internal_TemplateBase {
// cache template object under a unique ID // cache template object under a unique ID
// do not cache string resources // do not cache string resources
if ($this->resource_type != 'string') { if ($this->resource_type != 'string') {
Smarty::$template_objects[$this->buildTemplateId ($this->template_resource, $this->cache_id, $this->compile_id)] = $this; $this->smarty->template_objects[$this->buildTemplateId ($this->template_resource, $this->cache_id, $this->compile_id)] = $this;
} }
return true; return true;
} }

5
libs/sysplugins/internal.templatebase.php
View File

@@ -311,12 +311,13 @@ class Smarty_Internal_TemplateBase {
public function createTemplate($template, $parent = null, $cache_id = null, $compile_id = null) public function createTemplate($template, $parent = null, $cache_id = null, $compile_id = null)
{ {
if (!is_object($template)) { if (!is_object($template)) {
$_smarty = Smarty::instance();
// we got a template resource // we got a template resource
$_templateId = $this->buildTemplateId ($template, $cache_id, $compile_id); $_templateId = $this->buildTemplateId ($template, $cache_id, $compile_id);
// already in template cache? // already in template cache?
if (isset(Smarty::$template_objects[$_templateId])) { if (isset($_smarty->template_objects[$_templateId])) {
// return cached template object // return cached template object
return Smarty::$template_objects[$_templateId]; return $_smarty->template_objects[$_templateId];
} else { } else {
// create and cache new template object // create and cache new template object
return new Smarty_Internal_Template ($template, $parent, $cache_id, $compile_id); return new Smarty_Internal_Template ($template, $parent, $cache_id, $compile_id);

1468
libs/sysplugins/internal.templateparser.php
View File

File diff suppressed because it is too large Load Diff