smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-05 02:44:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

- bugfix at a template function containing nocache code a parmeter could overwrite a template variable of same name

Browse Source
This commit is contained in:
Uwe Tews
2015-04-20 22:59:45 +02:00
parent 6fb27d5ae4
commit de892651c2
3 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
change_log.txt
View File

@@ -1,4 +1,7 @@
 ===== 3.1.22-dev ===== (xx.xx.2015)  ===== 3.1.22-dev ===== (xx.xx.2015)
20.04.2015
- bugfix at a template function containing nocache code a parmeter could overwrite a template variable of same name
27.03.2015 27.03.2015
- bugfix Smarty_Security->allow_constants=false; did also disable true, false and null (change of 16.03.2015) - bugfix Smarty_Security->allow_constants=false; did also disable true, false and null (change of 16.03.2015)
- improvement added a whitelist for trusted constants to security Smarty_Security::$trusted_constants (forum topic 25471) - improvement added a whitelist for trusted constants to security Smarty_Security::$trusted_constants (forum topic 25471)

2
libs/Smarty.class.php
View File

@@ -111,7 +111,7 @@ class Smarty extends Smarty_Internal_TemplateBase
/** /**
* smarty version * smarty version
*/ */
const SMARTY_VERSION = '3.1.22-dev/17'; const SMARTY_VERSION = '3.1.22-dev/18';
/** /**
* define variable scopes * define variable scopes

4
libs/sysplugins/smarty_internal_compile_function.php
View File

@@ -156,6 +156,7 @@ class Smarty_Internal_Compile_Functionclose extends Smarty_Internal_CompileBase
} }
$output .= "ob_start();\n"; $output .= "ob_start();\n";
$output .= $_paramsCode; $output .= $_paramsCode;
$output .= "\$_smarty_tpl->properties['saved_tpl_vars'][] = \$_smarty_tpl->tpl_vars;\n";
$output .= "foreach (\$params as \$key => \$value) {\n\$_smarty_tpl->tpl_vars[\$key] = new Smarty_Variable(\$value);\n}"; $output .= "foreach (\$params as \$key => \$value) {\n\$_smarty_tpl->tpl_vars[\$key] = new Smarty_Variable(\$value);\n}";
$output .= "\$params = var_export(\$params, true);\n"; $output .= "\$params = var_export(\$params, true);\n";
$output .= "echo \"/*%%SmartyNocache:{$compiler->template->properties['nocache_hash']}%%*/<?php "; $output .= "echo \"/*%%SmartyNocache:{$compiler->template->properties['nocache_hash']}%%*/<?php ";
@@ -168,7 +169,8 @@ class Smarty_Internal_Compile_Functionclose extends Smarty_Internal_CompileBase
$output .= "if (\\\$_smarty_tpl->tpl_vars[\\\$key] === \\\$value) \\\$saved_tpl_vars[\\\$key] = \\\$value;\n}\n"; $output .= "if (\\\$_smarty_tpl->tpl_vars[\\\$key] === \\\$value) \\\$saved_tpl_vars[\\\$key] = \\\$value;\n}\n";
$output .= "\\\$_smarty_tpl->tpl_vars = \\\$saved_tpl_vars;?>\n"; $output .= "\\\$_smarty_tpl->tpl_vars = \\\$saved_tpl_vars;?>\n";
$output .= "/*/%%SmartyNocache:{$compiler->template->properties['nocache_hash']}%%*/\";\n?>"; $output .= "/*/%%SmartyNocache:{$compiler->template->properties['nocache_hash']}%%*/\";\n?>";
$output .= "<?php echo str_replace('{$compiler->template->properties['nocache_hash']}', \$_smarty_tpl->properties['nocache_hash'], ob_get_clean());\n}\n}\n"; $output .= "<?php echo str_replace('{$compiler->template->properties['nocache_hash']}', \$_smarty_tpl->properties['nocache_hash'], ob_get_clean());\n";
$output .= "\$_smarty_tpl->tpl_vars = array_pop(\$_smarty_tpl->properties['saved_tpl_vars']);\n}\n}\n";
$output .= "/*/ {$_funcName}_nocache */\n\n"; $output .= "/*/ {$_funcName}_nocache */\n\n";
$output .= "?>\n"; $output .= "?>\n";
$compiler->parser->current_buffer->append_subtree(new Smarty_Internal_ParseTree_Tag($compiler->parser, $output)); $compiler->parser->current_buffer->append_subtree(new Smarty_Internal_ParseTree_Tag($compiler->parser, $output));