Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow/Deny inline constants #585

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Allow/Deny inline constants #585

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
550702f
add $allow_inline_constants
artcs Apr 14, 2020
dd309a7
use $allow_inline_constants
artcs Apr 14, 2020
b8f1636
use $allow_inline_constants
artcs Apr 14, 2020
8ecd215
fix function calls
artcs May 10, 2020
db044a1
fix function calls
artcs May 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 5 additions & 4 deletions lexer/smarty_internal_templateparser.y
View file
Open in desktop
Expand Up @@ -154,6 +154,7 @@ class Smarty_Internal_Templateparser
$this->template = $this->compiler->template;
$this->smarty = $this->template->smarty;
$this->security = isset($this->smarty->security_policy) ? $this->smarty->security_policy : false;
$this->allow_inline_constants = $this->smarty->allow_inline_constants;
$this->current_buffer = $this->root_buffer = new Smarty_Internal_ParseTree_Template();
}

Expand Down Expand Up @@ -310,7 +311,7 @@ smartytag(A)::= SIMPLETAG(B). {
$this->strip = true;
A = null;;
} else {
if (defined($tag)) {
if ($this->allow_inline_constants AND defined($tag)) {
if ($this->security) {
$this->security->isTrustedConstant($tag, $this->compiler);
}
Expand Down Expand Up @@ -381,7 +382,7 @@ output(A) ::= expr(B). {

// tag with optional Smarty2 style attributes
tag(res) ::= LDEL ID(i) attributes(a). {
if (defined(i)) {
if ($this->allow_inline_constants AND defined(i)) {
if ($this->security) {
$this->security->isTrustedConstant(i, $this->compiler);
}
Expand All @@ -391,7 +392,7 @@ tag(res) ::= LDEL ID(i) attributes(a). {
}
}
tag(res) ::= LDEL ID(i). {
if (defined(i)) {
if ($this->allow_inline_constants AND defined(i)) {
if ($this->security) {
$this->security->isTrustedConstant(i, $this->compiler);
}
Expand All @@ -404,7 +405,7 @@ tag(res) ::= LDEL ID(i). {

// tag with modifier and optional Smarty2 style attributes
tag(res) ::= LDEL ID(i) modifierlist(l)attributes(a). {
if (defined(i)) {
if ($this->allow_inline_constants AND defined(i)) {
if ($this->security) {
$this->security->isTrustedConstant(i, $this->compiler);
}
Expand Down
10 changes: 9 additions & 1 deletion libs/Smarty.class.php
View file
Open in desktop
Expand Up @@ -112,7 +112,7 @@ class Smarty extends Smarty_Internal_TemplateBase
/**
* smarty version
*/
const SMARTY_VERSION = '3.1.36';
const SMARTY_VERSION = '3.1.37-dev-1';
/**
* define variable scopes
*/
Expand Down Expand Up @@ -310,6 +310,14 @@ class Smarty extends Smarty_Internal_TemplateBase
*/
public $allow_ambiguous_resources = false;

/**
* allow inline constants (use defined constants without the $smarty.const. prefix)
* default to true for backwards compatibility
*
* @var boolean
*/
public $allow_inline_constants = true;

/**
* merge compiled includes
*
Expand Down
9 changes: 5 additions & 4 deletions libs/sysplugins/smarty_internal_templateparser.php
View file
Open in desktop
Expand Up @@ -1771,6 +1771,7 @@ public function __construct(Smarty_Internal_Templatelexer $lex, Smarty_Internal_
$this->template = $this->compiler->template;
$this->smarty = $this->template->smarty;
$this->security = isset($this->smarty->security_policy) ? $this->smarty->security_policy : false;
$this->allow_inline_constants = $this->smarty->allow_inline_constants;
$this->current_buffer = $this->root_buffer = new Smarty_Internal_ParseTree_Template();
} /* The parser's stack */
public static function yy_destructor($yymajor, $yypminor)
Expand Down Expand Up @@ -2259,7 +2260,7 @@ public function yy_r13()
$this->strip = true;
$this->_retvalue = null;
} else {
if (defined($tag)) {
if ($this->allow_inline_constants AND defined($tag)) {
if ($this->security) {
$this->security->isTrustedConstant($tag, $this->compiler);
}
Expand Down Expand Up @@ -2348,7 +2349,7 @@ public function yy_r21()
// line 393 "../smarty/lexer/smarty_internal_templateparser.y"
public function yy_r25()
{
if (defined($this->yystack[ $this->yyidx + -1 ]->minor)) {
if ($this->allow_inline_constants AND defined($this->yystack[ $this->yyidx + -1 ]->minor)) {
if ($this->security) {
$this->security->isTrustedConstant($this->yystack[ $this->yyidx + -1 ]->minor, $this->compiler);
}
Expand All @@ -2365,7 +2366,7 @@ public function yy_r25()
// line 406 "../smarty/lexer/smarty_internal_templateparser.y"
public function yy_r26()
{
if (defined($this->yystack[ $this->yyidx + 0 ]->minor)) {
if ($this->allow_inline_constants AND defined($this->yystack[ $this->yyidx + 0 ]->minor)) {
if ($this->security) {
$this->security->isTrustedConstant($this->yystack[ $this->yyidx + 0 ]->minor, $this->compiler);
}
Expand All @@ -2380,7 +2381,7 @@ public function yy_r26()
// line 418 "../smarty/lexer/smarty_internal_templateparser.y"
public function yy_r27()
{
if (defined($this->yystack[ $this->yyidx + -2 ]->minor)) {
if ($this->allow_inline_constants AND defined($this->yystack[ $this->yyidx + -2 ]->minor)) {
if ($this->security) {
$this->security->isTrustedConstant($this->yystack[ $this->yyidx + -2 ]->minor, $this->compiler);
}
Expand Down