smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-07-30 07:57:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed unit tests to not rely on the existence of any domain or unavailability of internet access when running tests.

Browse Source
This commit is contained in:
Simon Wisselink
2024-04-06 23:37:50 +02:00
parent 5400b53edf
commit eabe70ea08
39 changed files with 415 additions and 515 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/BlockHandler/TextFormat.php
View File

@ -20,9 +20,6 @@ use Smarty\Template;
* - indent_char - string (" ") * - indent_char - string (" ")
* - wrap_boundary - boolean (true) * - wrap_boundary - boolean (true)
* *
* @link https://www.smarty.net/manual/en/language.function.textformat.php {textformat}
* (Smarty online manual)
*
* @param array $params parameters * @param array $params parameters
* @param string $content contents of the block * @param string $content contents of the block
* @param Template $template template object * @param Template $template template object

2
src/Compile/Modifier/CatModifierCompiler.php
View File

@ -11,8 +11,6 @@ namespace Smarty\Compile\Modifier;
* Input: string to catenate * Input: string to catenate
* Example: {$var|cat:"foo"} * Example: {$var|cat:"foo"}
* *
* @link https://www.smarty.net/manual/en/language.modifier.cat.php cat
* (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

2
src/Compile/Modifier/CountCharactersModifierCompiler.php
View File

@ -6,8 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: count_characters * Name: count_characters
* Purpose: count the number of characters in a text * Purpose: count the number of characters in a text
* *
* @link https://www.smarty.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online
* manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

2
src/Compile/Modifier/CountParagraphsModifierCompiler.php
View File

@ -6,8 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: count_paragraphs * Name: count_paragraphs
* Purpose: count the number of paragraphs in a text * Purpose: count the number of paragraphs in a text
* *
* @link https://www.smarty.net/manual/en/language.modifier.count.paragraphs.php
* count_paragraphs (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

2
src/Compile/Modifier/CountSentencesModifierCompiler.php
View File

@ -6,8 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: count_sentences * Name: count_sentences
* Purpose: count the number of sentences in a text * Purpose: count the number of sentences in a text
* *
* @link https://www.smarty.net/manual/en/language.modifier.count.paragraphs.php
* count_sentences (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/CountWordsModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: count_words * Name: count_words
* Purpose: count the number of words in a text * Purpose: count the number of words in a text
* *
* @link https://www.smarty.net/manual/en/language.modifier.count.words.php count_words (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/DefaultModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: default * Name: default
* Purpose: designate default value for empty variables * Purpose: designate default value for empty variables
* *
* @link https://www.smarty.net/manual/en/language.modifier.default.php default (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/EscapeModifierCompiler.php
View File

@ -9,7 +9,6 @@ use Smarty\Exception;
* Name: escape * Name: escape
* Purpose: escape string for output * Purpose: escape string for output
* *
* @link https://www.smarty.net/docsv2/en/language.modifier.escape count_characters (Smarty online manual)
* @author Rodney Rehm * @author Rodney Rehm
*/ */

1
src/Compile/Modifier/IndentModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: indent * Name: indent
* Purpose: indent lines of text * Purpose: indent lines of text
* *
* @link https://www.smarty.net/manual/en/language.modifier.indent.php indent (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/LowerModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: lower * Name: lower
* Purpose: convert string to lowercase * Purpose: convert string to lowercase
* *
* @link https://www.smarty.net/manual/en/language.modifier.lower.php lower (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/Nl2brModifierCompiler.php
View File

@ -7,7 +7,6 @@ namespace Smarty\Compile\Modifier;
* Name: nl2br * Name: nl2br
* Purpose: insert HTML line breaks before all newlines in a string * Purpose: insert HTML line breaks before all newlines in a string
* *
* @link https://www.smarty.net/docs/en/language.modifier.nl2br.tpl nl2br (Smarty online manual)
*/ */
class Nl2brModifierCompiler extends Base { class Nl2brModifierCompiler extends Base {

1
src/Compile/Modifier/RoundModifierCompiler.php
View File

@ -7,7 +7,6 @@ namespace Smarty\Compile\Modifier;
* Name: round * Name: round
* Purpose: Returns the rounded value of num to specified precision (number of digits after the decimal point) * Purpose: Returns the rounded value of num to specified precision (number of digits after the decimal point)
* *
* @link https://www.smarty.net/docs/en/language.modifier.round.tpl round (Smarty online manual)
*/ */
class RoundModifierCompiler extends Base { class RoundModifierCompiler extends Base {

1
src/Compile/Modifier/StrRepeatModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: str_repeat * Name: str_repeat
* Purpose: returns string repeated times times * Purpose: returns string repeated times times
* *
* @link https://www.smarty.net/docs/en/language.modifier.str_repeat.tpl str_repeat (Smarty online manual)
*/ */
class StrRepeatModifierCompiler extends Base { class StrRepeatModifierCompiler extends Base {

1
src/Compile/Modifier/StringFormatModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: string_format * Name: string_format
* Purpose: format strings via sprintf * Purpose: format strings via sprintf
* *
* @link https://www.smarty.net/manual/en/language.modifier.string.format.php string_format (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/StripModifierCompiler.php
View File

@ -9,7 +9,6 @@ namespace Smarty\Compile\Modifier;
* Example: {$var|strip} {$var|strip:"&nbsp;"} * Example: {$var|strip} {$var|strip:"&nbsp;"}
* Date: September 25th, 2002 * Date: September 25th, 2002
* *
* @link https://www.smarty.net/manual/en/language.modifier.strip.php strip (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/StripTagsModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: strip_tags * Name: strip_tags
* Purpose: strip html tags from text * Purpose: strip html tags from text
* *
* @link https://www.smarty.net/docs/en/language.modifier.strip.tags.tpl strip_tags (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/StrlenModifierCompiler.php
View File

@ -7,7 +7,6 @@ namespace Smarty\Compile\Modifier;
* Name: strlen * Name: strlen
* Purpose: return the length of the given string * Purpose: return the length of the given string
* *
* @link https://www.smarty.net/docs/en/language.modifier.strlen.tpl strlen (Smarty online manual)
*/ */
class StrlenModifierCompiler extends Base { class StrlenModifierCompiler extends Base {

1
src/Compile/Modifier/UpperModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: lower * Name: lower
* Purpose: convert string to uppercase * Purpose: convert string to uppercase
* *
* @link https://www.smarty.net/manual/en/language.modifier.upper.php lower (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

1
src/Compile/Modifier/WordWrapModifierCompiler.php
View File

@ -6,7 +6,6 @@ namespace Smarty\Compile\Modifier;
* Name: wordwrap * Name: wordwrap
* Purpose: wrap a string of text at a given length * Purpose: wrap a string of text at a given length
* *
* @link https://www.smarty.net/manual/en/language.modifier.wordwrap.php wordwrap (Smarty online manual)
* @author Uwe Tews * @author Uwe Tews
*/ */

8
src/Data.php
View File

@ -163,8 +163,6 @@ class Data
* be not cached * be not cached
* *
* @return Data * @return Data
* @link https://www.smarty.net/docs/en/api.append.tpl
*
* @api Smarty::append() * @api Smarty::append()
*/ */
public function append($tpl_var, $value = null, $merge = false, $nocache = false) public function append($tpl_var, $value = null, $merge = false, $nocache = false)
@ -218,7 +216,6 @@ class Data
* *
* @return mixed variable value or or array of variables * @return mixed variable value or or array of variables
* @api Smarty::getTemplateVars() * @api Smarty::getTemplateVars()
* @link https://www.smarty.net/docs/en/api.get.template.vars.tpl
* *
*/ */
public function getTemplateVars($varName = null, $searchParents = true) public function getTemplateVars($varName = null, $searchParents = true)
@ -351,7 +348,6 @@ class Data
* @param string|array $tpl_var the template variable(s) to clear * @param string|array $tpl_var the template variable(s) to clear
* *
* @return Data * @return Data
* @link https://www.smarty.net/docs/en/api.clear.assign.tpl
* *
* @api Smarty::clearAssign() * @api Smarty::clearAssign()
*/ */
@ -371,7 +367,6 @@ class Data
* clear all the assigned template variables. * clear all the assigned template variables.
* *
* @return Data * @return Data
* @link https://www.smarty.net/docs/en/api.clear.all.assign.tpl
* *
* @api Smarty::clearAllAssign() * @api Smarty::clearAllAssign()
*/ */
@ -387,7 +382,6 @@ class Data
* @param string|null $name variable name or null * @param string|null $name variable name or null
* *
* @return Data * @return Data
* @link https://www.smarty.net/docs/en/api.clear.config.tpl
* *
* @api Smarty::clearConfig() * @api Smarty::clearConfig()
*/ */
@ -440,7 +434,6 @@ class Data
* *
* @return mixed variable value or or array of variables * @return mixed variable value or or array of variables
* @throws Exception * @throws Exception
* @link https://www.smarty.net/docs/en/api.get.config.vars.tpl
* *
* @api Smarty::getConfigVars() * @api Smarty::getConfigVars()
*/ */
@ -462,7 +455,6 @@ class Data
* @returns $this * @returns $this
* @throws \Exception * @throws \Exception
* @link https://www.smarty.net/docs/en/api.config.load.tpl
* *
* @api Smarty::configLoad() * @api Smarty::configLoad()
*/ */

7
src/Extension/DefaultExtension.php
View File

@ -113,7 +113,6 @@ class DefaultExtension extends Base {
* Name: spacify * Name: spacify
* Purpose: add spaces between characters in a string * Purpose: add spaces between characters in a string
* *
* @link https://www.smarty.net/manual/en/language.modifier.spacify.php spacify (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param string $string input string * @param string $string input string
@ -234,7 +233,6 @@ class DefaultExtension extends Base {
* - format: strftime format for output * - format: strftime format for output
* - default_date: default date if $string is empty * - default_date: default date if $string is empty
* *
* @link https://www.smarty.net/manual/en/language.modifier.date.format.php date_format (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param string $string input date string * @param string $string input date string
@ -386,7 +384,6 @@ class DefaultExtension extends Base {
* Name: escape * Name: escape
* Purpose: escape string for output * Purpose: escape string for output
* *
* @link https://www.smarty.net/docs/en/language.modifier.escape
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param string $string input string * @param string $string input string
@ -654,8 +651,6 @@ class DefaultExtension extends Base {
* Name: regex_replace * Name: regex_replace
* Purpose: regular expression search/replace * Purpose: regular expression search/replace
* *
* @link https://www.smarty.net/manual/en/language.modifier.regex.replace.php
* regex_replace (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param string $string input string * @param string $string input string
@ -703,7 +698,6 @@ class DefaultExtension extends Base {
* Name: replace * Name: replace
* Purpose: simple search/replace * Purpose: simple search/replace
* *
* @link https://www.smarty.net/manual/en/language.modifier.replace.php replace (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author Uwe Tews * @author Uwe Tews
* *
@ -726,7 +720,6 @@ class DefaultExtension extends Base {
* optionally splitting in the middle of a word, and * optionally splitting in the middle of a word, and
* appending the $etc string or inserting $etc into the middle. * appending the $etc string or inserting $etc into the middle.
* *
* @link https://www.smarty.net/manual/en/language.modifier.truncate.php truncate (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param string $string input string * @param string $string input string

2
src/FunctionHandler/Counter.php
View File

@ -13,8 +13,6 @@ use Smarty\Template;
* @param Template $template template object * @param Template $template template object
* *
* @return string|null * @return string|null
*@link https://www.smarty.net/manual/en/language.function.counter.php {counter}
* (Smarty online manual)
* *
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
*/ */

2
src/FunctionHandler/Cycle.php
View File

@ -26,8 +26,6 @@ use Smarty\Template;
* {cycle name=row values="one,two,three" reset=true} * {cycle name=row values="one,two,three" reset=true}
* {cycle name=row} * {cycle name=row}
* *
* @link https://www.smarty.net/manual/en/language.function.cycle.php {cycle}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author credit to Mark Priatel <mpriatel@rogers.com> * @author credit to Mark Priatel <mpriatel@rogers.com>
* @author credit to Gerard <gerard@interfold.com> * @author credit to Gerard <gerard@interfold.com>

2
src/FunctionHandler/Fetch.php
View File

@ -10,8 +10,6 @@ use Smarty\Template;
* Name: fetch * Name: fetch
* Purpose: fetch file, web or ftp data and display results * Purpose: fetch file, web or ftp data and display results
* *
* @link https://www.smarty.net/manual/en/language.function.fetch.php {fetch}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param array $params parameters * @param array $params parameters

2
src/FunctionHandler/HtmlCheckboxes.php
View File

@ -27,8 +27,6 @@ use Smarty\Template;
* - assign (optional) - assign the output as an array to this variable * - assign (optional) - assign the output as an array to this variable
* - escape (optional) - escape the content (not value), defaults to true * - escape (optional) - escape the content (not value), defaults to true
* *
* @link https://www.smarty.net/manual/en/language.function.html.checkboxes.php {html_checkboxes}
* (Smarty online manual)
* @author Christopher Kvarme <christopher.kvarme@flashjab.com> * @author Christopher Kvarme <christopher.kvarme@flashjab.com>
* @author credits to Monte Ohrt <monte at ohrt dot com> * @author credits to Monte Ohrt <monte at ohrt dot com>
* @version 1.0 * @version 1.0

2
src/FunctionHandler/HtmlImage.php
View File

@ -20,8 +20,6 @@ use Smarty\Template;
* - basedir - (optional) - base directory for absolute paths, default is environment variable DOCUMENT_ROOT * - basedir - (optional) - base directory for absolute paths, default is environment variable DOCUMENT_ROOT
* - path_prefix - prefix for path output (optional, default empty) * - path_prefix - prefix for path output (optional, default empty)
* *
* @link https://www.smarty.net/manual/en/language.function.html.image.php {html_image}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author credits to Duda <duda@big.hu> * @author credits to Duda <duda@big.hu>
* @version 1.0 * @version 1.0

2
src/FunctionHandler/HtmlOptions.php
View File

@ -19,8 +19,6 @@ use Smarty\Template;
* - id (optional) - string default not set * - id (optional) - string default not set
* - class (optional) - string default not set * - class (optional) - string default not set
* *
* @link https://www.smarty.net/manual/en/language.function.html.options.php {html_image}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author Ralf Strehle (minor optimization) <ralf dot strehle at yahoo dot de> * @author Ralf Strehle (minor optimization) <ralf dot strehle at yahoo dot de>
* *

2
src/FunctionHandler/HtmlRadios.php
View File

@ -27,8 +27,6 @@ use Smarty\Template;
* {html_radios values=$ids name='box' separator='<br>' output=$names} * {html_radios values=$ids name='box' separator='<br>' output=$names}
* {html_radios values=$ids checked=$checked separator='<br>' output=$names} * {html_radios values=$ids checked=$checked separator='<br>' output=$names}
* *
* @link https://www.smarty.net/manual/en/language.function.html.radios.php {html_radios}
* (Smarty online manual)
* @author Christopher Kvarme <christopher.kvarme@flashjab.com> * @author Christopher Kvarme <christopher.kvarme@flashjab.com>
* @author credits to Monte Ohrt <monte at ohrt dot com> * @author credits to Monte Ohrt <monte at ohrt dot com>
* @version 1.0 * @version 1.0

2
src/FunctionHandler/HtmlSelectDate.php
View File

@ -26,8 +26,6 @@ use Smarty\Template;
* - 2.0 complete rewrite for performance, * - 2.0 complete rewrite for performance,
* added attributes month_names, *_id * added attributes month_names, *_id
* *
* @link https://www.smarty.net/manual/en/language.function.html.select.date.php {html_select_date}
* (Smarty online manual)
* @version 2.0 * @version 2.0
* @author Andrei Zmievski * @author Andrei Zmievski
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>

2
src/FunctionHandler/HtmlSelectTime.php
View File

@ -9,8 +9,6 @@ use Smarty\Template;
* Name: html_select_time * Name: html_select_time
* Purpose: Prints the dropdowns for time selection * Purpose: Prints the dropdowns for time selection
* *
* @link https://www.smarty.net/manual/en/language.function.html.select.time.php {html_select_time}
* (Smarty online manual)
* @author Roberto Berto <roberto@berto.net> * @author Roberto Berto <roberto@berto.net>
* @author Monte Ohrt <monte AT ohrt DOT com> * @author Monte Ohrt <monte AT ohrt DOT com>
* *

2
src/FunctionHandler/HtmlTable.php
View File

@ -37,8 +37,6 @@ use Smarty\Template;
* @return string * @return string
*@author credit to boots <boots dot smarty at yahoo dot com> *@author credit to boots <boots dot smarty at yahoo dot com>
* @version 1.1 * @version 1.1
* @link https://www.smarty.net/manual/en/language.function.html.table.php {html_table}
* (Smarty online manual)
* *
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author credit to Messju Mohr <messju at lammfellpuschen dot de> * @author credit to Messju Mohr <messju at lammfellpuschen dot de>

2
src/FunctionHandler/Mailto.php
View File

@ -35,8 +35,6 @@ use Smarty\Template;
* {mailto address="me@domain.com" cc="you@domain.com,they@domain.com"} * {mailto address="me@domain.com" cc="you@domain.com,they@domain.com"}
* {mailto address="me@domain.com" extra='class="mailto"'} * {mailto address="me@domain.com" extra='class="mailto"'}
* *
* @link https://www.smarty.net/manual/en/language.function.mailto.php {mailto}
* (Smarty online manual)
* @version 1.2 * @version 1.2
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author credits to Jason Sweat (added cc, bcc and subject functionality) * @author credits to Jason Sweat (added cc, bcc and subject functionality)

2
src/FunctionHandler/Math.php
View File

@ -10,8 +10,6 @@ use Smarty\Template;
* Name: math * Name: math
* Purpose: handle math computations in template * Purpose: handle math computations in template
* *
* @link https://www.smarty.net/manual/en/language.function.math.php {math}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* *
* @param array $params parameters * @param array $params parameters

15
src/Smarty.php
View File

@ -40,7 +40,6 @@ use Smarty\Runtime\TplFunctionRuntime;
* Smarty mailing list. Send a blank e-mail to * Smarty mailing list. Send a blank e-mail to
* smarty-discussion-subscribe@googlegroups.com * smarty-discussion-subscribe@googlegroups.com
* *
* @link https://www.smarty.net/
* @author Monte Ohrt <monte at ohrt dot com> * @author Monte Ohrt <monte at ohrt dot com>
* @author Uwe Tews <uwe dot tews at gmail dot com> * @author Uwe Tews <uwe dot tews at gmail dot com>
* @author Rodney Rehm * @author Rodney Rehm
@ -731,7 +730,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return $this * @return $this
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.register.plugin.tpl
* *
* @api Smarty::registerPlugin() * @api Smarty::registerPlugin()
*/ */
@ -758,7 +756,6 @@ class Smarty extends \Smarty\TemplateBase {
* @param string $name name of template tag * @param string $name name of template tag
* *
* @return array|null * @return array|null
* @link https://www.smarty.net/docs/en/api.unregister.plugin.tpl
* *
* @api Smarty::unregisterPlugin() * @api Smarty::unregisterPlugin()
*/ */
@ -776,7 +773,6 @@ class Smarty extends \Smarty\TemplateBase {
* @param string $name name of template tag * @param string $name name of template tag
* *
* @return $this * @return $this
* @link https://www.smarty.net/docs/en/api.unregister.plugin.tpl
* *
* @api Smarty::unregisterPlugin() * @api Smarty::unregisterPlugin()
*/ */
@ -850,7 +846,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return $this * @return $this
* @throws Exception if $callback is not callable * @throws Exception if $callback is not callable
* @link https://www.smarty.net/docs/en/api.register.default.plugin.handler.tpl
* *
* @api Smarty::registerDefaultPluginHandler() * @api Smarty::registerDefaultPluginHandler()
* *
@ -1254,7 +1249,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return int number of cache files deleted * @return int number of cache files deleted
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.clear.cache.tpl
* *
* @api Smarty::clearCache() * @api Smarty::clearCache()
*/ */
@ -1274,7 +1268,6 @@ class Smarty extends \Smarty\TemplateBase {
* @param string $type resource type * @param string $type resource type
* *
* @return int number of cache files deleted * @return int number of cache files deleted
* @link https://www.smarty.net/docs/en/api.clear.all.cache.tpl
* *
* @api Smarty::clearAllCache() * @api Smarty::clearAllCache()
*/ */
@ -1291,7 +1284,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return int number of template files deleted * @return int number of template files deleted
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.clear.compiled.template.tpl
* *
* @api Smarty::clearCompiledTemplate() * @api Smarty::clearCompiledTemplate()
*/ */
@ -1805,7 +1797,6 @@ class Smarty extends \Smarty\TemplateBase {
* @return bool * @return bool
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @api Smarty::loadFilter() * @api Smarty::loadFilter()
* @link https://www.smarty.net/docs/en/api.load.filter.tpl
* *
* @deprecated since 5.0 * @deprecated since 5.0
*/ */
@ -1857,7 +1848,6 @@ class Smarty extends \Smarty\TemplateBase {
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @api Smarty::unloadFilter() * @api Smarty::unloadFilter()
* *
* @link https://www.smarty.net/docs/en/api.unload.filter.tpl
* *
* @deprecated since 5.0 * @deprecated since 5.0
*/ */
@ -1901,7 +1891,6 @@ class Smarty extends \Smarty\TemplateBase {
* @param Base $resource_handler * @param Base $resource_handler
* *
* @return Smarty * @return Smarty
* @link https://www.smarty.net/docs/en/api.register.cacheresource.tpl
* *
* @api Smarty::registerCacheResource() * @api Smarty::registerCacheResource()
* *
@ -1924,7 +1913,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return Smarty * @return Smarty
* @api Smarty::unregisterCacheResource() * @api Smarty::unregisterCacheResource()
* @link https://www.smarty.net/docs/en/api.unregister.cacheresource.tpl
* *
* @deprecated since 5.0 * @deprecated since 5.0
* *
@ -1958,7 +1946,6 @@ class Smarty extends \Smarty\TemplateBase {
* *
* @return TemplateBase * @return TemplateBase
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.register.filter.tpl
* *
* @api Smarty::registerFilter() * @api Smarty::registerFilter()
*/ */
@ -2020,7 +2007,6 @@ class Smarty extends \Smarty\TemplateBase {
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @api Smarty::unregisterFilter() * @api Smarty::unregisterFilter()
* *
* @link https://www.smarty.net/docs/en/api.unregister.filter.tpl
* *
*/ */
public function unregisterFilter($type, $name) { public function unregisterFilter($type, $name) {
@ -2203,7 +2189,6 @@ class Smarty extends \Smarty\TemplateBase {
* @return bool cache status * @return bool cache status
* @throws \Exception * @throws \Exception
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.is.cached.tpl
* *
* @api Smarty::isCached() * @api Smarty::isCached()
*/ */

1
src/Template.php
View File

@ -604,7 +604,6 @@ class Template extends TemplateBase {
* @return bool cache status * @return bool cache status
* @throws \Exception * @throws \Exception
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.is.cached.tpl
* *
* @api Smarty::isCached() * @api Smarty::isCached()
*/ */

7
src/TemplateBase.php
View File

@ -75,7 +75,6 @@ abstract class TemplateBase extends Data {
* *
* @return \Smarty|\Smarty\Template * @return \Smarty|\Smarty\Template
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @link https://www.smarty.net/docs/en/api.register.object.tpl
* *
* @api Smarty::registerObject() * @api Smarty::registerObject()
*/ */
@ -116,7 +115,6 @@ abstract class TemplateBase extends Data {
* *
* @return TemplateBase * @return TemplateBase
* @api Smarty::unregisterObject() * @api Smarty::unregisterObject()
* @link https://www.smarty.net/docs/en/api.unregister.object.tpl
* *
*/ */
public function unregisterObject($object_name) { public function unregisterObject($object_name) {
@ -179,7 +177,6 @@ abstract class TemplateBase extends Data {
* @return Data data object * @return Data data object
* @throws Exception * @throws Exception
* @api Smarty::createData() * @api Smarty::createData()
* @link https://www.smarty.net/docs/en/api.create.data.tpl
* *
*/ */
public function createData(Data $parent = null, $name = null) { public function createData(Data $parent = null, $name = null) {
@ -222,7 +219,6 @@ abstract class TemplateBase extends Data {
* *
* @return object * @return object
* @throws \Smarty\Exception if no such object is found * @throws \Smarty\Exception if no such object is found
* @link https://www.smarty.net/docs/en/api.get.registered.object.tpl
* *
* @api Smarty::getRegisteredObject() * @api Smarty::getRegisteredObject()
*/ */
@ -319,7 +315,6 @@ abstract class TemplateBase extends Data {
* @return TemplateBase * @return TemplateBase
* @throws \Smarty\Exception * @throws \Smarty\Exception
* @api Smarty::registerClass() * @api Smarty::registerClass()
* @link https://www.smarty.net/docs/en/api.register.class.tpl
* *
*/ */
public function registerClass($class_name, $class_impl) { public function registerClass($class_name, $class_impl) {
@ -380,7 +375,6 @@ abstract class TemplateBase extends Data {
* @param \Smarty\Resource\BasePlugin $resource_handler instance of Smarty\Resource\BasePlugin * @param \Smarty\Resource\BasePlugin $resource_handler instance of Smarty\Resource\BasePlugin
* *
* @return \Smarty\Smarty|\Smarty\Template * @return \Smarty\Smarty|\Smarty\Template
* @link https://www.smarty.net/docs/en/api.register.resource.tpl
* *
* @api Smarty::registerResource() * @api Smarty::registerResource()
*/ */
@ -397,7 +391,6 @@ abstract class TemplateBase extends Data {
* *
* @return TemplateBase * @return TemplateBase
* @api Smarty::unregisterResource() * @api Smarty::unregisterResource()
* @link https://www.smarty.net/docs/en/api.unregister.resource.tpl
* *
*/ */
public function unregisterResource($type) { public function unregisterResource($type) {

710
tests/UnitTests/SecurityTests/SecurityTest.php
View File

@ -10,411 +10,411 @@ use Smarty\CompilerException;
/** /**
* class for security test * class for security test
*
*
*
*
*/ */
class SecurityTest extends PHPUnit_Smarty class SecurityTest extends PHPUnit_Smarty
{ {
public function setUp(): void public function setUp(): void
{ {
$this->setUpSmarty(__DIR__); $this->setUpSmarty(__DIR__);
$this->smarty->setForceCompile(true); $this->smarty->setForceCompile(true);
$this->smarty->enableSecurity(); $this->smarty->enableSecurity();
} }
public function testInit() public function testInit()
{ {
$this->cleanDirs(); $this->cleanDirs();
} }
/** /**
* test that security is loaded * test that security is loaded
*/ */
public function testSecurityLoaded() public function testSecurityLoaded()
{ {
$this->assertTrue(is_object($this->smarty->security_policy)); $this->assertTrue(is_object($this->smarty->security_policy));
} }
/** /**
* test trusted PHP function * test trusted PHP function
*/ */
public function testTrustedFunction() public function testTrustedFunction()
{ {
$this->assertEquals("5", $this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{count($foo)}')); $this->assertEquals("5", $this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{count($foo)}'));
} }
/** /**
* test trusted modifier * test trusted modifier
* @deprecated * @deprecated
*/ */
public function testTrustedModifier() public function testTrustedModifier()
{ {
$this->assertEquals("5", @$this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{$foo|@count}')); $this->assertEquals("5", @$this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{$foo|@count}'));
} }
/** /**
* test not trusted modifier * test not trusted modifier
* *
* *
* @deprecated * @deprecated
*/ */
public function testNotTrustedModifier() public function testNotTrustedModifier()
{ {
$this->smarty->security_policy->disabled_modifiers[] = 'escape'; $this->smarty->security_policy->disabled_modifiers[] = 'escape';
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('modifier \'escape\' disabled by security setting'); $this->expectExceptionMessage('modifier \'escape\' disabled by security setting');
@$this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{$foo|escape}'); @$this->smarty->fetch('string:{assign var=foo value=[1,2,3,4,5]}{$foo|escape}');
} }
/** /**
* test allowed tags * test allowed tags
*/ */
public function testAllowedTags1() public function testAllowedTags1()
{ {
$this->smarty->security_policy->allowed_tags = array('counter'); $this->smarty->security_policy->allowed_tags = array('counter');
$this->assertEquals("1", $this->smarty->fetch('string:{counter start=1}')); $this->assertEquals("1", $this->smarty->fetch('string:{counter start=1}'));
} }
/** /**
* test not allowed tag * test not allowed tag
* *
* *
*/ */
public function testNotAllowedTags2() public function testNotAllowedTags2()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('tag \'cycle\' not allowed by security setting'); $this->expectExceptionMessage('tag \'cycle\' not allowed by security setting');
$this->smarty->security_policy->allowed_tags = array('counter'); $this->smarty->security_policy->allowed_tags = array('counter');
$this->smarty->fetch('string:{counter}{cycle values="1,2"}'); $this->smarty->fetch('string:{counter}{cycle values="1,2"}');
} }
/** /**
* test disabled tag * test disabled tag
* *
* *
*/ */
public function testDisabledTags() public function testDisabledTags()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('tag \'cycle\' disabled by security setting'); $this->expectExceptionMessage('tag \'cycle\' disabled by security setting');
$this->smarty->security_policy->disabled_tags = array('cycle'); $this->smarty->security_policy->disabled_tags = array('cycle');
$this->smarty->fetch('string:{counter}{cycle values="1,2"}'); $this->smarty->fetch('string:{counter}{cycle values="1,2"}');
} }
/** /**
* test allowed modifier * test allowed modifier
*/ */
public function testAllowedModifier1() public function testAllowedModifier1()
{ {
error_reporting(E_ALL & E_STRICT); error_reporting(E_ALL & E_STRICT);
$this->smarty->security_policy->allowed_modifiers = array('capitalize'); $this->smarty->security_policy->allowed_modifiers = array('capitalize');
$this->assertEquals("Hello World", $this->smarty->fetch('string:{"hello world"|capitalize}')); $this->assertEquals("Hello World", $this->smarty->fetch('string:{"hello world"|capitalize}'));
error_reporting(E_ALL | E_STRICT); error_reporting(E_ALL | E_STRICT);
} }
public function testAllowedModifier2() public function testAllowedModifier2()
{ {
$this->smarty->security_policy->allowed_modifiers = array('upper'); $this->smarty->security_policy->allowed_modifiers = array('upper');
$this->assertEquals("HELLO WORLD", $this->smarty->fetch('string:{"hello world"|upper}')); $this->assertEquals("HELLO WORLD", $this->smarty->fetch('string:{"hello world"|upper}'));
} }
/** /**
* test not allowed modifier * test not allowed modifier
* *
* *
*/ */
public function testNotAllowedModifier() public function testNotAllowedModifier()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('modifier \'lower\' not allowed by security setting'); $this->expectExceptionMessage('modifier \'lower\' not allowed by security setting');
$this->smarty->security_policy->allowed_modifiers = array('upper'); $this->smarty->security_policy->allowed_modifiers = array('upper');
$this->smarty->fetch('string:{"hello"|upper}{"world"|lower}'); $this->smarty->fetch('string:{"hello"|upper}{"world"|lower}');
} }
/** /**
* test disabled modifier * test disabled modifier
* *
* *
*/ */
public function testDisabledModifier() public function testDisabledModifier()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('modifier \'lower\' disabled by security setting'); $this->expectExceptionMessage('modifier \'lower\' disabled by security setting');
$this->smarty->security_policy->disabled_modifiers = array('lower'); $this->smarty->security_policy->disabled_modifiers = array('lower');
$this->smarty->fetch('string:{"hello"|upper}{"world"|lower}'); $this->smarty->fetch('string:{"hello"|upper}{"world"|lower}');
} }
/** /**
* test Smarty no longer handles embedded PHP * test Smarty no longer handles embedded PHP
*/ */
public function testSmartyPhpAllow() public function testSmartyPhpAllow()
{ {
$this->assertEquals('<?php echo "hello world"; ?>', $this->smarty->fetch('string:<?php echo "hello world"; ?>')); $this->assertEquals('<?php echo "hello world"; ?>', $this->smarty->fetch('string:<?php echo "hello world"; ?>'));
} }
public function testSmartyPhpAllow2() public function testSmartyPhpAllow2()
{ {
$this->assertEquals('<? echo "hello world"; ?>', $this->smarty->fetch('string:<? echo "hello world"; ?>')); $this->assertEquals('<? echo "hello world"; ?>', $this->smarty->fetch('string:<? echo "hello world"; ?>'));
} }
public function testSmartyPhpAllow3() public function testSmartyPhpAllow3()
{ {
$this->assertEquals('<% echo "hello world"; %>', $this->smarty->fetch('string:<% echo "hello world"; %>')); $this->assertEquals('<% echo "hello world"; %>', $this->smarty->fetch('string:<% echo "hello world"; %>'));
} }
/** /**
* test standard directory * test standard directory
*/ */
public function testStandardDirectory() public function testStandardDirectory()
{ {
$content = $this->smarty->fetch('string:{include file="helloworld.tpl"}'); $content = $this->smarty->fetch('string:{include file="helloworld.tpl"}');
$this->assertEquals("hello world", $content); $this->assertEquals("hello world", $content);
} }
/** /**
* test trusted directory * test trusted directory
*/ */
public function testTrustedDirectory() public function testTrustedDirectory()
{ {
$this->smarty->security_policy->secure_dir = array('.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR); $this->smarty->security_policy->secure_dir = array('.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR);
$this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}')); $this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}'));
} }
/** /**
* test not trusted directory * test not trusted directory
* *
* *
* *
*/ */
public function testNotTrustedDirectory() public function testNotTrustedDirectory()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('not trusted file path'); $this->expectExceptionMessage('not trusted file path');
$this->smarty->security_policy->secure_dir = array(str_replace('\\', '/', __DIR__ . '/templates_3/')); $this->smarty->security_policy->secure_dir = array(str_replace('\\', '/', __DIR__ . '/templates_3/'));
$this->smarty->fetch('string:{include file="templates_2/hello.tpl"}'); $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}');
} }
/** /**
* test disabled security for not trusted dir * test disabled security for not trusted dir
*/ */
public function testDisabledTrustedDirectory() public function testDisabledTrustedDirectory()
{ {
$this->smarty->disableSecurity(); $this->smarty->disableSecurity();
$this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}')); $this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}'));
} }
/** /**
* test trusted static class * test trusted static class
*/ */
public function testTrustedStaticClass() public function testTrustedStaticClass()
{ {
$this->smarty->security_policy->static_classes = array('mysecuritystaticclass'); $this->smarty->security_policy->static_classes = array('mysecuritystaticclass');
$tpl = $this->smarty->createTemplate('string:{mysecuritystaticclass::square(5)}'); $tpl = $this->smarty->createTemplate('string:{mysecuritystaticclass::square(5)}');
$this->assertEquals('25', $this->smarty->fetch($tpl)); $this->assertEquals('25', $this->smarty->fetch($tpl));
} }
/** /**
* test not trusted PHP function * test not trusted PHP function
* *
* *
*/ */
public function testNotTrustedStaticClass() public function testNotTrustedStaticClass()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('access to static class \'mysecuritystaticclass\' not allowed by security setting'); $this->expectExceptionMessage('access to static class \'mysecuritystaticclass\' not allowed by security setting');
$this->smarty->security_policy->static_classes = array('null'); $this->smarty->security_policy->static_classes = array('null');
$this->smarty->fetch('string:{mysecuritystaticclass::square(5)}'); $this->smarty->fetch('string:{mysecuritystaticclass::square(5)}');
} }
/** /**
* test not trusted PHP function * test not trusted PHP function
*/ */
public function testNotTrustedStaticClassEval() public function testNotTrustedStaticClassEval()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('dynamic static class not allowed by security setting'); $this->expectExceptionMessage('dynamic static class not allowed by security setting');
$this->smarty->security_policy->static_classes = array('null'); $this->smarty->security_policy->static_classes = array('null');
$this->smarty->fetch('string:{$test = "mysecuritystaticclass"}{$test::square(5)}'); $this->smarty->fetch('string:{$test = "mysecuritystaticclass"}{$test::square(5)}');
} }
/** /**
* test not trusted PHP function * test not trusted PHP function
*/ */
public function testNotTrustedStaticClassSmartyVar() public function testNotTrustedStaticClassSmartyVar()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('dynamic static class not allowed by security setting'); $this->expectExceptionMessage('dynamic static class not allowed by security setting');
$this->smarty->security_policy->static_classes = array('null'); $this->smarty->security_policy->static_classes = array('null');
$this->smarty->fetch('string:{$smarty.template_object::square(5)}'); $this->smarty->fetch('string:{$smarty.template_object::square(5)}');
} }
public function testChangedTrustedDirectory() public function testChangedTrustedDirectory()
{ {
$this->smarty->security_policy->secure_dir = array( $this->smarty->security_policy->secure_dir = array(
'.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR, '.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR,
); );
$this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}')); $this->assertEquals("hello world", $this->smarty->fetch('string:{include file="templates_2/hello.tpl"}'));
$this->smarty->security_policy->secure_dir = array( $this->smarty->security_policy->secure_dir = array(
'.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR, '.' . DIRECTORY_SEPARATOR . 'templates_2' . DIRECTORY_SEPARATOR,
'.' . DIRECTORY_SEPARATOR . 'templates_3' . DIRECTORY_SEPARATOR, '.' . DIRECTORY_SEPARATOR . 'templates_3' . DIRECTORY_SEPARATOR,
); );
$this->assertEquals("templates_3", $this->smarty->fetch('string:{include file="templates_3/dirname.tpl"}')); $this->assertEquals("templates_3", $this->smarty->fetch('string:{include file="templates_3/dirname.tpl"}'));
} }
/** /**
* test template file exits * test template file exits
* *
* *
* *
*/ */
public function testTemplateTrustedStream() public function testTemplateTrustedStream()
{ {
stream_wrapper_register("global", ResourceStreamSecurity::class) stream_wrapper_register("global", ResourceStreamSecurity::class)
or die("Failed to register protocol"); or die("Failed to register protocol");
$fp = fopen("global://mytest", "r+"); $fp = fopen("global://mytest", "r+");
fwrite($fp, 'hello world {$foo}'); fwrite($fp, 'hello world {$foo}');
fclose($fp); fclose($fp);
$this->smarty->security_policy->streams= array('global'); $this->smarty->security_policy->streams= array('global');
$tpl = $this->smarty->createTemplate('global:mytest'); $tpl = $this->smarty->createTemplate('global:mytest');
$this->assertTrue($tpl->getSource()->exists); $this->assertTrue($tpl->getSource()->exists);
stream_wrapper_unregister("global"); stream_wrapper_unregister("global");
} }
/** /**
* *
* *
* test template file exits * test template file exits
*/ */
public function testTemplateNotTrustedStream() public function testTemplateNotTrustedStream()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('stream \'global\' not allowed by security setting'); $this->expectExceptionMessage('stream \'global\' not allowed by security setting');
stream_wrapper_register("global", ResourceStreamSecurity::class) stream_wrapper_register("global", ResourceStreamSecurity::class)
or die("Failed to register protocol"); or die("Failed to register protocol");
$fp = fopen("global://mytest", "r+"); $fp = fopen("global://mytest", "r+");
fwrite($fp, 'hello world {$foo}'); fwrite($fp, 'hello world {$foo}');
fclose($fp); fclose($fp);
$this->smarty->security_policy->streams= array('notrusted'); $this->smarty->security_policy->streams= array('notrusted');
$tpl = $this->smarty->createTemplate('global:mytest'); $tpl = $this->smarty->createTemplate('global:mytest');
$this->assertTrue($tpl->getSource()->exists); $this->assertTrue($tpl->getSource()->exists);
stream_wrapper_unregister("global"); stream_wrapper_unregister("global");
} }
/**
*
* @group slow
*/
public function testTrustedUri()
{
$this->smarty->security_policy->trusted_uri = array(
'#https://www.smarty.net$#i'
);
$this->assertStringContainsString('<title>Preface | Smarty</title>', $this->smarty->fetch('string:{fetch file="https://www.smarty.net/docs/en/preface.tpl"}'));
}
/** public function testTrustedUri()
* {
* $this->smarty->security_policy->trusted_uri = array(
*/ '#https://s4otw4nhg.erteorteortert.nusuchtld$#i'
public function testNotTrustedUri() );
{
$this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('URI \'https://www.smarty.net/docs/en/preface.tpl\' not allowed by security setting');
$this->smarty->security_policy->trusted_uri = array();
$this->assertStringContainsString('<title>Preface | Smarty</title>', $this->smarty->fetch('string:{fetch file="https://www.smarty.net/docs/en/preface.tpl"}'));
}
/** $this->expectException(\Smarty\Exception::class);
* In security mode, accessing $smarty.template_object should be illegal. $this->expectExceptionMessage('{fetch} cannot read resource \'https://s4otw4nhg.erteorteortert.nusuchtld/docs/en/preface.tpl\'');
*/
public function testSmartyTemplateObject() { $this->smarty->fetch('string:{fetch file="https://s4otw4nhg.erteorteortert.nusuchtld/docs/en/preface.tpl"}');
$this->expectException(CompilerException::class); }
$this->smarty->display('string:{$smarty.template_object}');
} /**
*
*
*/
public function testNotTrustedUri()
{
$this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('URI \'https://example.net\' not allowed by security setting');
$this->smarty->security_policy->trusted_uri = [];
$this->assertStringContainsString(
'<title>Preface | Smarty</title>',
$this->smarty->fetch('string:{fetch file="https://example.net"}')
);
}
/**
* In security mode, accessing $smarty.template_object should be illegal.
*/
public function testSmartyTemplateObject() {
$this->expectException(CompilerException::class);
$this->smarty->display('string:{$smarty.template_object}');
}
} }
class mysecuritystaticclass class mysecuritystaticclass
{ {
const STATIC_CONSTANT_VALUE = 3; const STATIC_CONSTANT_VALUE = 3;
static $static_var = 5; static $static_var = 5;
static function square($i) static function square($i)
{ {
return $i * $i; return $i * $i;
} }
} }
#[AllowDynamicProperties] #[AllowDynamicProperties]
class ResourceStreamSecurity class ResourceStreamSecurity
{ {
private $position; private $position;
private $varname; private $varname;
public function stream_open($path, $mode, $options, &$opened_path) public function stream_open($path, $mode, $options, &$opened_path)
{ {
$url = parse_url($path); $url = parse_url($path);
$this->varname = $url["host"]; $this->varname = $url["host"];
$this->position = 0; $this->position = 0;
return true; return true;
} }
public function stream_read($count) public function stream_read($count)
{ {
$p = &$this->position; $p = &$this->position;
$ret = substr($GLOBALS[$this->varname], $p, $count); $ret = substr($GLOBALS[$this->varname], $p, $count);
$p += strlen($ret); $p += strlen($ret);
return $ret; return $ret;
} }
public function stream_write($data) public function stream_write($data)
{ {
$v = &$GLOBALS[$this->varname]; $v = &$GLOBALS[$this->varname];
$l = strlen($data); $l = strlen($data);
$p = &$this->position; $p = &$this->position;
$v = substr($v ?? '', 0, $p) . $data . substr($v ?? '', $p += $l); $v = substr($v ?? '', 0, $p) . $data . substr($v ?? '', $p += $l);
return $l; return $l;
} }
public function stream_tell() public function stream_tell()
{ {
return $this->position; return $this->position;
} }
public function stream_eof() public function stream_eof()
{ {
if (!isset($GLOBALS[$this->varname])) { if (!isset($GLOBALS[$this->varname])) {
return true; return true;
} }
return $this->position >= strlen($GLOBALS[$this->varname]); return $this->position >= strlen($GLOBALS[$this->varname]);
} }
public function stream_seek($offset, $whence) public function stream_seek($offset, $whence)
{ {
$l = strlen($GLOBALS[$this->varname]); $l = strlen($GLOBALS[$this->varname]);
$p = &$this->position; $p = &$this->position;
switch ($whence) { switch ($whence) {
case SEEK_SET: case SEEK_SET:
$newPos = $offset; $newPos = $offset;
break; break;
case SEEK_CUR: case SEEK_CUR:
$newPos = $p + $offset; $newPos = $p + $offset;
break; break;
case SEEK_END: case SEEK_END:
$newPos = $l + $offset; $newPos = $l + $offset;
break; break;
default: default:
return false; return false;
} }
$ret = ($newPos >= 0 && $newPos <= $l); $ret = ($newPos >= 0 && $newPos <= $l);
if ($ret) { if ($ret) {
$p = $newPos; $p = $newPos;
} }
return $ret; return $ret;
} }
} }

132
tests/UnitTests/TemplateSource/TagTests/PluginFunction/PluginFunctionFetchTest.php
View File

@ -1,85 +1,71 @@
<?php <?php
/**
* Smarty PHPunit tests of modifier
*
* @author Rodney Rehm
*/
/** /**
* class for modifier tests * class testing fetch function
*
*
*
*
*/ */
class PluginFunctionFetchTest extends PHPUnit_Smarty class PluginFunctionFetchTest extends PHPUnit_Smarty
{ {
public function setUp(): void public function setUp(): void
{ {
$this->setUpSmarty(__DIR__); $this->setUpSmarty(__DIR__);
} }
public function testInit() public function testInit()
{ {
$this->cleanDirs(); $this->cleanDirs();
} }
/**
* test {fetch} from local file
*/
public function testFetchFile()
{
$this->assertStringContainsString(
'ct4hn8nzgm;cgzm;',
$this->smarty->fetch('string:{fetch file="./testfile.txt"}')
);
}
/** /**
* test {fetch} from UIR * test {fetch} non-existing file
* */
* public function testFetchNonExistingFile()
* @group slow {
*/ $this->expectException(\Smarty\Exception::class);
public function testFetchUri() $this->expectExceptionMessage('{fetch} cannot read resource \'./no/such/file\'');
{ $this->smarty->fetch('string:{fetch file="./no/such/file"}');
$this->assertStringContainsString('<title>Preface | Smarty</title>', $this->smarty->fetch('string:{fetch file="https://www.smarty.net/docs/en/preface.tpl"}')); }
}
/** /**
* test {fetch} invalid uri * test {fetch file=...} access to file from path not aloo/wed by security settings
* *
* * @run InSeparateProcess
* *
*/ */
public function testFetchInvalidUri() public function testFetchSecurity()
{ {
$this->expectException(\Smarty\Exception::class); $this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('{fetch} cannot read resource \'https://foo.smarty.net/foo.dat\''); $this->expectExceptionMessage('not trusted file path');
$this->smarty->fetch('string:{fetch file="https://foo.smarty.net/foo.dat"}'); $this->cleanDirs();
} $dir=$this->smarty->getTemplateDir();
$this->smarty->enableSecurity();
/** $this->smarty->fetch('string:{fetch file=\''. $dir[0]. '../../../../../etc/passwd\'}');
* test {fetch file=...} access to file from path not aloo/wed by security settings }
* /**
* @run InSeparateProcess * test {fetch file=...} access to file from path not aloo/wed by security settings
* *
*/ * @run InSeparateProcess
public function testFetchSecurity() *
{ */
$this->expectException(\Smarty\Exception::class); public function testFetchSecurity2()
$this->expectExceptionMessage('not trusted file path'); {
$this->cleanDirs(); $this->expectException(\Smarty\Exception::class);
$dir=$this->smarty->getTemplateDir(); $this->expectExceptionMessage('not trusted file path');
$this->smarty->enableSecurity(); $this->cleanDirs();
$this->smarty->fetch('string:{fetch file=\''. $dir[0]. '../../../../../etc/passwd\'}'); $this->smarty->getTemplateDir();
} $this->smarty->enableSecurity();
/** $this->smarty->setTemplateDir('/templates');
* test {fetch file=...} access to file from path not aloo/wed by security settings $this->smarty->fetch('string:{fetch file="/templates/../etc/passwd"}');
* }
* @run InSeparateProcess
*
*/
public function testFetchSecurity2()
{
$this->expectException(\Smarty\Exception::class);
$this->expectExceptionMessage('not trusted file path');
$this->cleanDirs();
$this->smarty->getTemplateDir();
$this->smarty->enableSecurity();
$this->smarty->setTemplateDir('/templates');
$this->smarty->fetch('string:{fetch file="/templates/../etc/passwd"}');
}
} }

1
tests/UnitTests/TemplateSource/TagTests/PluginFunction/testfile.txt Normal file
View File

@ -0,0 +1 @@
ct4hn8nzgm;cgzm;