4.1 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	Security
Security is good for situations when you have untrusted parties editing the templates e.g. via ftp, and you want to reduce the risk of system security compromises through the template language.
The settings of the security policy are defined by properties of an instance of the \Smarty\Security class. These are the possible settings:
- 
$secure_diris an array of template directories that are considered secure. A template dir is considered secure implicitly. The default is an empty array.
- 
$trusted_uriis an array of regular expressions matching URIs that are considered trusted. This security directive used by{fetch}and{html_image}. URIs passed to these functions are reduced to{$PROTOCOL}://{$HOSTNAME}to allow simple regular expressions (without having to deal with edge cases like authentication-tokens).The expression '#https?://.*smarty.net$#i'would allow accessing the following URIs:- http://smarty.net/foo
- http://smarty.net/foo
- http://www.smarty.net/foo
- http://smarty.net/foo
- https://foo.bar.www.smarty.net/foo/bla?blubb=1
 but deny access to these URIs: - http://smarty.com/foo(not matching top-level domain "com")
- ftp://www.smarty.net/foo(not matching protocol "ftp")
- http://www.smarty.net.otherdomain.com/foo(not matching end of domain "smarty.net")
 
- 
$static_classesis an array of classes that are considered trusted. The default is an empty array which allows access to all static classes. To disable access to all static classes set $static_classes = null.
- 
$streamsis an array of streams that are considered trusted and can be used from within template. To disable access to all streams set $streams = null. An empty array ( $streams = [] ) will allow all streams. The default is array('file').
- 
$allowed_modifiersis an array of (registered / autoloaded) modifiers that should be accessible to the template. If this array is non-empty, only the herein listed modifiers may be used. This is a whitelist.
- 
$disabled_modifiersis an array of (registered / autoloaded) modifiers that may not be accessible to the template.
- 
$allowed_tagsis a boolean flag which controls if constants can function-, block and filter plugins that should be accessible to the template. If this array is non-empty, only the herein listed modifiers may be used. This is a whitelist.
- 
$disabled_tagsis an array of (registered / autoloaded) function-, block and filter plugins that may not be accessible to the template.
- 
$allow_constantsis a boolean flag which controls if constants can be accessed by the template. The default is "true".
- 
$allow_super_globalsis a boolean flag which controls if the PHP super globals can be accessed by the template. The default is "true".
If security is enabled, no private methods, functions or properties of static classes or assigned objects can be accessed (beginning with '_') by the template.
To customize the security policy settings you can extend the \Smarty\Security class or create an instance of it.
<?php
use Smarty\Smarty;
class My_Security_Policy extends \Smarty\Security {
  public $allow_constants = false;
}
$smarty = new Smarty();
// enable security
$smarty->enableSecurity('My_Security_Policy');
<?php
use Smarty\Smarty;
$smarty = new Smarty();
$my_security_policy = new \Smarty\Security($smarty);
$my_security_policy->allow_constants = false;
// enable security
$smarty->enableSecurity($my_security_policy);
<?php
use Smarty\Smarty;
$smarty = new Smarty();
// enable default security
$smarty->enableSecurity();
Note
Most security policy settings are only checked when the template gets compiled. For that reason you should delete all cached and compiled template files when you change your security settings.