...
 
Commits (4)
......@@ -2,7 +2,14 @@
This file contains a brief description of new features which have been added to Smarty 3.1
Smarty 3.1.32 New tags for inheritance parent and child
Smarty 3.1.33-dev
Variable capture name in Smarty special variable
================================================
{$smarty.capture.$foo} can now be used to access the content of a named
capture block
Smarty 3.1.32
New tags for inheritance parent and child
=========================================
{parent} == {$smarty.block.parent}
{child} == {$smarty.block.child}
......
===== 3.1.32 ===== (24.04.2018)
===== 3.1.33-dev-7 =====
26.08.2018
- bugfix/enhancement {capture} allow variable as capture block name in Smarty special variable
like $smarty.capture.$foo https://github.com/smarty-php/smarty/issues/478 https://github.com/smarty-php/smarty/pull/481
===== 3.1.33-dev-6 =====
19.08.2018
- fix PSR-2 coding standards and PHPDoc blocks https://github.com/smarty-php/smarty/pull/452
https://github.com/smarty-php/smarty/pull/475
https://github.com/smarty-php/smarty/pull/473
- bugfix PHP5.2 compatibility https://github.com/smarty-php/smarty/pull/472
===== 3.1.33-dev-4 =====
17.05.2018
- bugfix strip-block produces different output in Smarty v3.1.32 https://github.com/smarty-php/smarty/issues/436
- bugfix Smarty::compileAllTemplates ignores `$extension` parameter https://github.com/smarty-php/smarty/issues/437
https://github.com/smarty-php/smarty/pull/438
- improvement do not compute total property in {foreach} if not needed https://github.com/smarty-php/smarty/issues/443
- bugfix plugins may not be loaded when setMergeCompiledIncludes is true https://github.com/smarty-php/smarty/issues/435
26.04.2018
- bugfix regarding Security Vulnerability did not solve the problem under Linux.
===== 3.1.32 ===== (24.04.2018)
24.04.2018
- bugfix possible Security Vulnerability in Smarty_Security class.
......
......@@ -2,7 +2,9 @@
"name": "smarty/smarty",
"type": "library",
"description": "Smarty - the compiling PHP template engine",
"keywords": ["templating"],
"keywords": [
"templating"
],
"homepage": "http://www.smarty.net",
"license": "LGPL-3.0",
"authors": [
......@@ -28,12 +30,13 @@
"php": ">=5.2"
},
"autoload": {
"files": ["libs/bootstrap.php"]
"files": [
"libs/bootstrap.php"
]
},
"extra": {
"branch-alias": {
"dev-master": "3.1.x-dev"
}
}
}
\ No newline at end of file
smarty3 (3.1.33+20180830.1.3a78a21f+selfpack1-1) unstable; urgency=medium
* New upstream release.
- CVE-2018-16831: Don't bypass trusted directories with "../". (Closes:
#908698).
* debian/control:
+ Bump Standards-Version: to 4.2.1. No changes needed.
-- Mike Gabriel <sunweaver@debian.org> Mon, 17 Sep 2018 13:04:18 +0200
smarty3 (3.1.32+20180424.1.ac9d4b58+selfpack1-1) unstable; urgency=medium
* New upstream release.
......
......@@ -8,7 +8,7 @@ Build-Depends:
debhelper (>= 11~),
pkg-php-tools (>= 1.7~),
smarty-lexer (>= 3.1.30+dfsg1-1.1~),
Standards-Version: 4.1.4
Standards-Version: 4.2.1
Vcs-Git: https://salsa.debian.org/debian/smarty3.git
Vcs-Browser: https://salsa.debian.org/debian/smarty3
Homepage: http://www.smarty.net/
......
......@@ -17,11 +17,15 @@ $smarty->cache_lifetime = 120;
$smarty->assign("Name", "Fred Irving Johnathan Bradley Peppergill", true);
$smarty->assign("FirstName", array("John", "Mary", "James", "Henry"));
$smarty->assign("LastName", array("Doe", "Smith", "Johnson", "Case"));
$smarty->assign("Class", array(array("A", "B", "C", "D"), array("E", "F", "G", "H"), array("I", "J", "K", "L"),
array("M", "N", "O", "P")));
$smarty->assign(
"Class", array(array("A", "B", "C", "D"), array("E", "F", "G", "H"), array("I", "J", "K", "L"),
array("M", "N", "O", "P"))
);
$smarty->assign("contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"),
array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234")));
$smarty->assign(
"contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"),
array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234"))
);
$smarty->assign("option_values", array("NY", "NE", "KS", "IA", "OK", "TX"));
$smarty->assign("option_output", array("New York", "Nebraska", "Kansas", "Iowa", "Oklahoma", "Texas"));
......
......@@ -11,6 +11,11 @@
*/
class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
{
/**
* Smarty_CacheResource_Apc constructor.
*
* @throws \Exception
*/
public function __construct()
{
// test if APC is present
......
......@@ -96,6 +96,6 @@ class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
*/
protected function purge()
{
$this->memcache->flush();
return $this->memcache->flush();
}
}
......@@ -33,6 +33,11 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
protected $save;
/**
* Smarty_CacheResource_Mysql constructor.
*
* @throws \SmartyException
*/
public function __construct()
{
try {
......@@ -43,8 +48,10 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
}
$this->fetch = $this->db->prepare('SELECT modified, content FROM output_cache WHERE id = :id');
$this->fetchTimestamp = $this->db->prepare('SELECT modified FROM output_cache WHERE id = :id');
$this->save = $this->db->prepare('REPLACE INTO output_cache (id, name, cache_id, compile_id, content)
VALUES (:id, :name, :cache_id, :compile_id, :content)');
$this->save = $this->db->prepare(
'REPLACE INTO output_cache (id, name, cache_id, compile_id, content)
VALUES (:id, :name, :cache_id, :compile_id, :content)'
);
}
/**
......@@ -108,8 +115,10 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
*/
protected function save($id, $name, $cache_id, $compile_id, $exp_time, $content)
{
$this->save->execute(array('id' => $id, 'name' => $name, 'cache_id' => $cache_id, 'compile_id' => $compile_id,
'content' => $content,));
$this->save->execute(
array('id' => $id, 'name' => $name, 'cache_id' => $cache_id, 'compile_id' => $compile_id,
'content' => $content,)
);
return !!$this->save->rowCount();
}
......
......@@ -29,35 +29,30 @@
*/
class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
{
protected $fetchStatements = Array('default' => 'SELECT %2$s
FROM %1$s
WHERE 1
AND id = :id
AND cache_id IS NULL
AND compile_id IS NULL',
'withCacheId' => 'SELECT %2$s
FROM %1$s
WHERE 1
AND id = :id
AND cache_id = :cache_id
AND compile_id IS NULL',
'withCompileId' => 'SELECT %2$s
FROM %1$s
WHERE 1
AND id = :id
AND compile_id = :compile_id
AND cache_id IS NULL',
'withCacheIdAndCompileId' => 'SELECT %2$s
FROM %1$s
WHERE 1
AND id = :id
AND cache_id = :cache_id
AND compile_id = :compile_id');
protected $insertStatement = 'INSERT INTO %s
SET id = :id,
......@@ -75,15 +70,10 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
modified = CURRENT_TIMESTAMP,
expire = DATE_ADD(CURRENT_TIMESTAMP, INTERVAL :expire SECOND),
content = :content';
protected $deleteStatement = 'DELETE FROM %1$s WHERE %2$s';
protected $truncateStatement = 'TRUNCATE TABLE %s';
protected $fetchColumns = 'modified, content';
protected $fetchTimestampColumns = 'modified';
protected $pdo, $table, $database;
/*
......@@ -93,17 +83,23 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
* @param string $table : table (or view) name
* @param string $database : optional - if table is located in another db
*/
/**
* Smarty_CacheResource_Pdo constructor.
*
* @param \PDO $pdo
* @param $table
* @param null $database
*
* @throws \SmartyException
*/
public function __construct(PDO $pdo, $table, $database = null)
{
if (is_null($table)) {
throw new SmartyException("Table name for caching can't be null");
}
$this->pdo = $pdo;
$this->table = $table;
$this->database = $database;
$this->fillStatementsWithTableName();
}
......@@ -115,15 +111,12 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
*/
protected function fillStatementsWithTableName()
{
foreach ($this->fetchStatements AS &$statement) {
$statement = sprintf($statement, $this->getTableName(), '%s');
}
$this->insertStatement = sprintf($this->insertStatement, $this->getTableName());
$this->deleteStatement = sprintf($this->deleteStatement, $this->getTableName(), '%s');
$this->truncateStatement = sprintf($this->truncateStatement, $this->getTableName());
return $this;
}
......@@ -138,7 +131,6 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
*/
protected function getFetchStatement($columns, $id, $cache_id = null, $compile_id = null)
{
if (!is_null($cache_id) && !is_null($compile_id)) {
$query = $this->fetchStatements[ 'withCacheIdAndCompileId' ] AND
$args = Array('id' => $id, 'cache_id' => $cache_id, 'compile_id' => $compile_id);
......@@ -150,15 +142,11 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
} else {
$query = $this->fetchStatements[ 'default' ] AND $args = Array('id' => $id);
}
$query = sprintf($query, $columns);
$stmt = $this->pdo->prepare($query);
foreach ($args AS $key => $value) {
$stmt->bindValue($key, $value);
}
return $stmt;
}
......@@ -177,12 +165,10 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
*/
protected function fetch($id, $name, $cache_id = null, $compile_id = null, &$content, &$mtime)
{
$stmt = $this->getFetchStatement($this->fetchColumns, $id, $cache_id, $compile_id);
$stmt->execute();
$row = $stmt->fetch();
$stmt->closeCursor();
if ($row) {
$content = $this->outputContent($row[ 'content' ]);
$mtime = strtotime($row[ 'modified' ]);
......@@ -212,7 +198,6 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
// $stmt -> closeCursor();
// return $mtime;
// }
/**
* Save content to cache
*
......@@ -228,17 +213,14 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
*/
protected function save($id, $name, $cache_id = null, $compile_id = null, $exp_time, $content)
{
$stmt = $this->pdo->prepare($this->insertStatement);
$stmt->bindValue('id', $id);
$stmt->bindValue('name', $name);
$stmt->bindValue('cache_id', $cache_id, (is_null($cache_id)) ? PDO::PARAM_NULL : PDO::PARAM_STR);
$stmt->bindValue('compile_id', $compile_id, (is_null($compile_id)) ? PDO::PARAM_NULL : PDO::PARAM_STR);
$stmt->bindValue('expire', (int) $exp_time, PDO::PARAM_INT);
$stmt->bindValue('expire', (int)$exp_time, PDO::PARAM_INT);
$stmt->bindValue('content', $this->inputContent($content));
$stmt->execute();
return !!$stmt->rowCount();
}
......@@ -279,12 +261,11 @@ class Smarty_CacheResource_Pdo extends Smarty_CacheResource_Custom
*/
protected function delete($name = null, $cache_id = null, $compile_id = null, $exp_time = null)
{
// delete the whole cache
if ($name === null && $cache_id === null && $compile_id === null && $exp_time === null) {
// returning the number of deleted caches would require a second query to count them
$this->pdo->query($this->truncateStatement);
return - 1;
return -1;
}
// build the filter
$where = array();
......
......@@ -28,6 +28,11 @@ class Smarty_Resource_Mysql extends Smarty_Resource_Custom
// prepared fetchTimestamp() statement
protected $mtime;
/**
* Smarty_Resource_Mysql constructor.
*
* @throws \SmartyException
*/
public function __construct()
{
try {
......
......@@ -27,6 +27,11 @@ class Smarty_Resource_Mysqls extends Smarty_Resource_Custom
// prepared fetch() statement
protected $fetch;
/**
* Smarty_Resource_Mysqls constructor.
*
* @throws \SmartyException
*/
public function __construct()
{
try {
......
......@@ -124,7 +124,7 @@ class Smarty_Internal_Configfilelexer
* @param string $data template source
* @param Smarty_Internal_Config_File_Compiler $compiler
*/
function __construct($data, Smarty_Internal_Config_File_Compiler $compiler)
public function __construct($data, Smarty_Internal_Config_File_Compiler $compiler)
{
$this->data = $data . "\n"; //now all lines are \n-terminated
$this->dataLength = strlen($data);
......
......@@ -89,7 +89,7 @@ class Smarty_Internal_Configfileparser
* @param Smarty_Internal_Configfilelexer $lex
* @param Smarty_Internal_Config_File_Compiler $compiler
*/
function __construct(Smarty_Internal_Configfilelexer $lex, Smarty_Internal_Config_File_Compiler $compiler)
public function __construct(Smarty_Internal_Configfilelexer $lex, Smarty_Internal_Config_File_Compiler $compiler)
{
$this->lex = $lex;
$this->smarty = $compiler->smarty;
......
......@@ -215,7 +215,7 @@ class Smarty_Internal_Templatelexer
* @param string $source template source
* @param Smarty_Internal_TemplateCompilerBase $compiler
*/
function __construct($source, Smarty_Internal_TemplateCompilerBase $compiler)
public function __construct($source, Smarty_Internal_TemplateCompilerBase $compiler)
{
$this->data = $source;
$this->dataLength = strlen($this->data);
......
......@@ -147,7 +147,7 @@ class Smarty_Internal_Templateparser
* @param Smarty_Internal_Templatelexer $lex
* @param Smarty_Internal_TemplateCompilerBase $compiler
*/
function __construct(Smarty_Internal_Templatelexer $lex, Smarty_Internal_TemplateCompilerBase $compiler)
public function __construct(Smarty_Internal_Templatelexer $lex, Smarty_Internal_TemplateCompilerBase $compiler)
{
$this->lex = $lex;
$this->compiler = $compiler;
......
......@@ -54,8 +54,8 @@ class Smarty_Autoloader
if (!defined('SMARTY_SPL_AUTOLOAD')) {
define('SMARTY_SPL_AUTOLOAD', 0);
}
if (SMARTY_SPL_AUTOLOAD &&
set_include_path(get_include_path() . PATH_SEPARATOR . SMARTY_SYSPLUGINS_DIR) !== false
if (SMARTY_SPL_AUTOLOAD
&& set_include_path(get_include_path() . PATH_SEPARATOR . SMARTY_SYSPLUGINS_DIR) !== false
) {
$registeredAutoLoadFunctions = spl_autoload_functions();
if (!isset($registeredAutoLoadFunctions[ 'spl_autoload' ])) {
......
This diff is collapsed.
......@@ -28,7 +28,7 @@
/**
* @ignore
*/
require_once(dirname(__FILE__) . '/Smarty.class.php');
require_once dirname(__FILE__) . '/Smarty.class.php';
/**
* Smarty Backward Compatibility Wrapper Class
......@@ -53,7 +53,6 @@ class SmartyBC extends Smarty
/**
* Initialize new SmartyBC object
*
*/
public function __construct()
{
......@@ -131,8 +130,8 @@ class SmartyBC extends Smarty
* @internal param array $block_functs list of methods that are block format
*/
public function register_object($object, $object_impl, $allowed = array(), $smarty_args = true,
$block_methods = array())
{
$block_methods = array()
) {
settype($allowed, 'array');
settype($smarty_args, 'boolean');
$this->registerObject($object, $object_impl, $allowed, $smarty_args, $block_methods);
......
......@@ -12,6 +12,6 @@
* Load and register Smarty Autoloader
*/
if (!class_exists('Smarty_Autoloader')) {
require dirname(__FILE__) . '/Autoloader.php';
include dirname(__FILE__) . '/Autoloader.php';
}
Smarty_Autoloader::register(true);
......@@ -127,7 +127,7 @@
{foreach $assigned_vars as $vars}
<tr class="{if $vars@iteration % 2 eq 0}odd{else}even{/if}">
<td><h3><font color=blue>${$vars@key}</font></h3>
{if isset($vars['nocache'])}<b>Nocache</b></br>{/if}
{if isset($vars['nocache'])}<b>Nocache</b><br>{/if}
{if isset($vars['scope'])}<b>Origin:</b> {$vars['scope']|debug_print_var nofilter}{/if}
</td>
<td><h3>Value</h3>{$vars['value']|debug_print_var:10:80 nofilter}</td>
......
......@@ -20,7 +20,6 @@
* - indent_char - string (" ")
* - wrap_boundary - boolean (true)
*
*
* @link http://www.smarty.net/manual/en/language.function.textformat.php {textformat}
* (Smarty online manual)
*
......@@ -39,10 +38,11 @@ function smarty_block_textformat($params, $content, Smarty_Internal_Template $te
return;
}
if (Smarty::$_MBSTRING) {
$template->_checkPlugins(array(array('function' => 'smarty_modifier_mb_wordwrap',
'file' => SMARTY_PLUGINS_DIR . 'modifier.mb_wordwrap.php')));
$template->_checkPlugins(
array(array('function' => 'smarty_modifier_mb_wordwrap',
'file' => SMARTY_PLUGINS_DIR . 'modifier.mb_wordwrap.php'))
);
}
$style = null;
$indent = 0;
$indent_first = 0;
......@@ -51,47 +51,44 @@ function smarty_block_textformat($params, $content, Smarty_Internal_Template $te
$wrap_char = "\n";
$wrap_cut = false;
$assign = null;
foreach ($params as $_key => $_val) {
switch ($_key) {
case 'style':
case 'indent_char':
case 'wrap_char':
case 'assign':
$$_key = (string) $_val;
$$_key = (string)$_val;
break;
case 'indent':
case 'indent_first':
case 'wrap':
$$_key = (int) $_val;
$$_key = (int)$_val;
break;
case 'wrap_cut':
$$_key = (bool) $_val;
$$_key = (bool)$_val;
break;
default:
trigger_error("textformat: unknown attribute '{$_key}'");
}
}
if ($style === 'email') {
$wrap = 72;
}
// split into paragraphs
$_paragraphs = preg_split('![\r\n]{2}!', $content);
foreach ($_paragraphs as &$_paragraph) {
if (!$_paragraph) {
continue;
}
// convert mult. spaces & special chars to single space
$_paragraph =
preg_replace(array('!\s+!' . Smarty::$_UTF8_MODIFIER,
preg_replace(
array('!\s+!' . Smarty::$_UTF8_MODIFIER,
'!(^\s+)|(\s+$)!' . Smarty::$_UTF8_MODIFIER),
array(' ',
''), $_paragraph);
''),
$_paragraph
);
// indent first line
if ($indent_first > 0) {
$_paragraph = str_repeat($indent_char, $indent_first) . $_paragraph;
......@@ -108,7 +105,6 @@ function smarty_block_textformat($params, $content, Smarty_Internal_Template $te
}
}
$_output = implode($wrap_char . $wrap_char, $_paragraphs);
if ($assign) {
$template->assign($assign, $_output);
} else {
......
......@@ -29,7 +29,6 @@
* {cycle name=row values="one,two,three" reset=true}
* {cycle name=row}
*
*
* @link http://www.smarty.net/manual/en/language.function.cycle.php {cycle}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com>
......
......@@ -5,7 +5,6 @@
* @package Smarty
* @subpackage PluginsFunction
*/
/**
* Smarty {fetch} plugin
* Type: function
......@@ -26,20 +25,16 @@ function smarty_function_fetch($params, $template)
{
if (empty($params[ 'file' ])) {
trigger_error('[plugin] fetch parameter \'file\' cannot be empty', E_USER_NOTICE);
return;
}
// strip file protocol
if (stripos($params[ 'file' ], 'file://') === 0) {
$params[ 'file' ] = substr($params[ 'file' ], 7);
}
$protocol = strpos($params[ 'file' ], '://');
if ($protocol !== false) {
$protocol = strtolower(substr($params[ 'file' ], 0, $protocol));
}
if (isset($template->smarty->security_policy)) {
if ($protocol) {
// remote resource (or php stream, …)
......@@ -53,7 +48,6 @@ function smarty_function_fetch($params, $template)
}
}
}
$content = '';
if ($protocol === 'http') {
// http fetch
......@@ -104,7 +98,6 @@ function smarty_function_fetch($params, $template)
if (!empty($param_value)) {
if (!preg_match('![\w\d-]+: .+!', $param_value)) {
trigger_error("[plugin] invalid header format '{$param_value}'", E_USER_NOTICE);
return;
} else {
$extra_headers[] = $param_value;
......@@ -118,10 +111,9 @@ function smarty_function_fetch($params, $template)
break;
case 'proxy_port':
if (!preg_match('!\D!', $param_value)) {
$proxy_port = (int) $param_value;
$proxy_port = (int)$param_value;
} else {
trigger_error("[plugin] invalid value for attribute '{$param_key }'", E_USER_NOTICE);
return;
}
break;
......@@ -137,16 +129,14 @@ function smarty_function_fetch($params, $template)
break;
case 'timeout':
if (!preg_match('!\D!', $param_value)) {
$timeout = (int) $param_value;
$timeout = (int)$param_value;
} else {
trigger_error("[plugin] invalid value for attribute '{$param_key}'", E_USER_NOTICE);
return;
}
break;
default:
trigger_error("[plugin] unrecognized attribute '{$param_key}'", E_USER_NOTICE);
return;
}
}
......@@ -156,10 +146,8 @@ function smarty_function_fetch($params, $template)
} else {
$fp = fsockopen($server_name, $port, $errno, $errstr, $timeout);
}
if (!$fp) {
trigger_error("[plugin] unable to fetch: $errstr ($errno)", E_USER_NOTICE);
return;
} else {
if ($_is_proxy) {
......@@ -187,23 +175,19 @@ function smarty_function_fetch($params, $template)
if (!empty($user) && !empty($pass)) {
fputs($fp, 'Authorization: BASIC ' . base64_encode("$user:$pass") . "\r\n");
}
fputs($fp, "\r\n");
while (!feof($fp)) {
$content .= fgets($fp, 4096);
}
fclose($fp);
$csplit = preg_split("!\r\n\r\n!", $content, 2);
$content = $csplit[ 1 ];
if (!empty($params[ 'assign_headers' ])) {
$template->assign($params[ 'assign_headers' ], preg_split("!\r\n!", $csplit[ 0 ]));
}
}
} else {
trigger_error("[plugin fetch] unable to parse URL, check syntax", E_USER_NOTICE);
return;
}
} else {
......@@ -212,7 +196,6 @@ function smarty_function_fetch($params, $template)
throw new SmartyException("{fetch} cannot read resource '" . $params[ 'file' ] . "'");
}
}
if (!empty($params[ 'assign' ])) {
$template->assign($params[ 'assign' ], $content);
} else {
......
This diff is collapsed.
......@@ -5,7 +5,6 @@
* @package Smarty
* @subpackage PluginsFunction
*/
/**
* Smarty {html_image} function plugin
* Type: function
......@@ -22,7 +21,6 @@
* - basedir - (optional) - base directory for absolute paths, default is environment variable DOCUMENT_ROOT
* - path_prefix - prefix for path output (optional, default empty)
*
*
* @link http://www.smarty.net/manual/en/language.function.html.image.php {html_image}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com>
......@@ -38,9 +36,10 @@
*/
function smarty_function_html_image($params, Smarty_Internal_Template $template)
{
$template->_checkPlugins(array(array('function' => 'smarty_function_escape_special_chars',
'file' => SMARTY_PLUGINS_DIR . 'shared.escape_special_chars.php')));
$template->_checkPlugins(
array(array('function' => 'smarty_function_escape_special_chars',
'file' => SMARTY_PLUGINS_DIR . 'shared.escape_special_chars.php'))
);
$alt = '';
$file = '';
$height = '';
......@@ -60,53 +59,46 @@ function smarty_function_html_image($params, Smarty_Internal_Template $template)
case 'basedir':
$$_key = $_val;
break;
case 'alt':
if (!is_array($_val)) {
$$_key = smarty_function_escape_special_chars($_val);
} else {
throw new SmartyException ("html_image: extra attribute '{$_key}' cannot be an array", E_USER_NOTICE);
throw new SmartyException("html_image: extra attribute '{$_key}' cannot be an array",
E_USER_NOTICE);
}
break;
case 'link':
case 'href':
$prefix = '<a href="' . $_val . '">';
$suffix = '</a>';
break;
default:
if (!is_array($_val)) {
$extra .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_val) . '"';
} else {
throw new SmartyException ("html_image: extra attribute '{$_key}' cannot be an array", E_USER_NOTICE);
throw new SmartyException("html_image: extra attribute '{$_key}' cannot be an array",
E_USER_NOTICE);
}
break;
}
}
if (empty($file)) {
trigger_error('html_image: missing \'file\' parameter', E_USER_NOTICE);
return;
}
if ($file[ 0 ] === '/') {
$_image_path = $basedir . $file;
} else {
$_image_path = $file;
}
// strip file protocol
if (stripos($params[ 'file' ], 'file://') === 0) {
$params[ 'file' ] = substr($params[ 'file' ], 7);
}
$protocol = strpos($params[ 'file' ], '://');
if ($protocol !== false) {
$protocol = strtolower(substr($params[ 'file' ], 0, $protocol));
}
if (isset($template->smarty->security_policy)) {
if ($protocol) {
// remote resource (or php stream, …)
......@@ -120,25 +112,20 @@ function smarty_function_html_image($params, Smarty_Internal_Template $template)
}
}
}
if (!isset($params[ 'width' ]) || !isset($params[ 'height' ])) {
// FIXME: (rodneyrehm) getimagesize() loads the complete file off a remote resource, use custom [jpg,png,gif]header reader!
if (!$_image_data = @getimagesize($_image_path)) {
if (!file_exists($_image_path)) {
trigger_error("html_image: unable to find '{$_image_path}'", E_USER_NOTICE);
return;
} elseif (!is_readable($_image_path)) {
trigger_error("html_image: unable to read '{$_image_path}'", E_USER_NOTICE);
return;
} else {
trigger_error("html_image: '{$_image_path}' is not a valid image file", E_USER_NOTICE);
return;
}
}
if (!isset($params[ 'width' ])) {
$width = $_image_data[ 0 ];
}
......@@ -146,7 +133,6 @@ function smarty_function_html_image($params, Smarty_Internal_Template $template)
$height = $_image_data[ 1 ];
}
}
if (isset($params[ 'dpi' ])) {
if (strstr($_SERVER[ 'HTTP_USER_AGENT' ], 'Mac')) {
// FIXME: (rodneyrehm) wrong dpi assumption
......@@ -159,7 +145,6 @@ function smarty_function_html_image($params, Smarty_Internal_Template $template)
$width = round($width * $_resize);
$height = round($height * $_resize);
}
return $prefix . '<img src="' . $path_prefix . $file . '" alt="' . $alt . '" width="' . $width . '" height="' .
$height . '"' . $extra . ' />' . $suffix;
}
......@@ -21,7 +21,6 @@
* - id (optional) - string default not set
* - class (optional) - string default not set
*
*
* @link http://www.smarty.net/manual/en/language.function.html.options.php {html_image}
* (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com>
......@@ -37,9 +36,10 @@
*/
function smarty_function_html_options($params, Smarty_Internal_Template $template)
{
$template->_checkPlugins(array(array('function' => 'smarty_function_escape_special_chars',
'file' => SMARTY_PLUGINS_DIR . 'shared.escape_special_chars.php')));
$template->_checkPlugins(
array(array('function' => 'smarty_function_escape_special_chars',
'file' => SMARTY_PLUGINS_DIR . 'shared.escape_special_chars.php'))
);
$name = null;
$values = null;
$options = null;
......@@ -47,74 +47,72 @@ function smarty_function_html_options($params, Smarty_Internal_Template $templat
$output = null;
$id = null;
$class = null;
$extra = '';
foreach ($params as $_key => $_val) {
switch ($_key) {
case 'name':
case 'class':
case 'id':
$$_key = (string) $_val;
$$_key = (string)$_val;
break;
case 'options':
$options = (array) $_val;
$options = (array)$_val;
break;
case 'values':
case 'output':
$$_key = array_values((array) $_val);
$$_key = array_values((array)$_val);
break;
case 'selected':
if (is_array($_val)) {
$selected = array();
foreach ($_val as $_sel) {
if (is_object($_sel)) {
if (method_exists($_sel, '__toString')) {
$_sel = smarty_function_escape_special_chars((string) $_sel->__toString());
$_sel = smarty_function_escape_special_chars((string)$_sel->__toString());
} else {
trigger_error('html_options: selected attribute contains an object of class \'' .
get_class($_sel) . '\' without __toString() method', E_USER_NOTICE);
trigger_error(
'html_options: selected attribute contains an object of class \'' .
get_class($_sel) . '\' without __toString() method',
E_USER_NOTICE
);
continue;
}
} else {
$_sel = smarty_function_escape_special_chars((string) $_sel);
$_sel = smarty_function_escape_special_chars((string)$_sel);
}
$selected[ $_sel ] = true;
}
} elseif (is_object($_val)) {
if (method_exists($_val, '__toString')) {
$selected = smarty_function_escape_special_chars((string) $_val->__toString());
$selected = smarty_function_escape_special_chars((string)$_val->__toString());
} else {
trigger_error('html_options: selected attribute is an object of class \'' . get_class($_val) .
'\' without __toString() method', E_USER_NOTICE);
trigger_error(
'html_options: selected attribute is an object of class \'' . get_class($_val) .
'\' without __toString() method',
E_USER_NOTICE
);
}
} else {
$selected = smarty_function_escape_special_chars((string) $_val);
$selected = smarty_function_escape_special_chars((string)$_val);
}
break;
case 'strict':
break;
case 'disabled':
case 'readonly':
if (!empty($params[ 'strict' ])) {
if (!is_scalar($_val)) {
trigger_error("html_options: {$_key} attribute must be a scalar, only boolean true or string '{$_key}' will actually add the attribute",
E_USER_NOTICE);
trigger_error(
"html_options: {$_key} attribute must be a scalar, only boolean true or string '{$_key}' will actually add the attribute",
E_USER_NOTICE
);
}
if ($_val === true || $_val === $_key) {
$extra .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_key) . '"';
}
break;
}
// omit break; to fall through!
default:
if (!is_array($_val)) {
$extra .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_val) . '"';
......@@ -124,16 +122,12 @@ function smarty_function_html_options($params, Smarty_Internal_Template $templat
break;
}
}
if (!isset($options) && !isset($values)) {
/* raise error here? */
return '';
}
$_html_result = '';
$_idx = 0;
if (isset($options)) {
foreach ($options as $_key => $_val) {
$_html_result .= smarty_function_html_options_optoutput($_key, $_val, $selected, $id, $class, $_idx);
......@@ -144,7 +138,6 @@ function smarty_function_html_options($params, Smarty_Internal_Template $templat
$_html_result .= smarty_function_html_options_optoutput($_key, $_val, $selected, $id, $class, $_idx);
}
}
if (!empty($name)) {
$_html_class = !empty($class) ? ' class="' . $class . '"' : '';
$_html_id = !empty($id) ? ' id="' . $id . '"' : '';
......@@ -152,9 +145,9 @@ function smarty_function_html_options($params, Smarty_Internal_Template $templat
'<select name="' . $name . '"' . $_html_class . $_html_id . $extra . '>' . "\n" . $_html_result .
'</select>' . "\n";
}
return $_html_result;
}
/**
* @param $key
* @param $value
......@@ -181,28 +174,36 @@ function smarty_function_html_options_optoutput($key, $value, $selected, $id, $c
$_html_id = !empty($id) ? ' id="' . $id . '-' . $idx . '"' : '';
if (is_object($value)) {
if (method_exists($value, '__toString')) {
$value = smarty_function_escape_special_chars((string) $value->__toString());
$value = smarty_function_escape_special_chars((string)$value->__toString());
} else {
trigger_error('html_options: value is an object of class \'' . get_class($value) .
'\' without __toString() method', E_USER_NOTICE);
trigger_error(
'html_options: value is an object of class \'' . get_class($value) .
'\' without __toString() method',
E_USER_NOTICE
);
return '';
}
} else {
$value = smarty_function_escape_special_chars((string) $value);
$value = smarty_function_escape_special_chars((string)$value);
}
$_html_result .= $_html_class . $_html_id . '>' . $value . '</option>' . "\n";
$idx ++;
$idx++;
} else {
$_idx = 0;
$_html_result =
smarty_function_html_options_optgroup($key, $value, $selected, !empty($id) ? ($id . '-' . $idx) : null,
$class, $_idx);
$idx ++;
smarty_function_html_options_optgroup(
$key,
$value,
$selected,
!empty($id) ? ($id . '-' . $idx) : null,
$class,
$_idx
);
$idx++;
}
return $_html_result;
}
/**
* @param $key
* @param $values
......@@ -220,6 +221,5 @@ function smarty_function_html_options_optgroup($key, $values, $selected, $id, $c
$optgroup_html .= smarty_function_html_options_optoutput($key, $value, $selected, $id, $class, $idx);
}
$optgroup_html .= "</optgroup>\n";
return $optgroup_html;
}
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
......@@ -5,7 +5,6 @@
* @package Smarty
* @subpackage PluginsFunction
*/
/**
* Smarty {html_table} function plugin
* Type: function
......@@ -35,7 +34,6 @@
* {table loop=$data cols=4 tr_attr='"bgcolor=red"'}
* {table loop=$data cols="first,second,third" tr_attr=$colors}
*
*
* @author Monte Ohrt <monte at ohrt dot com>
* @author credit to Messju Mohr <messju at lammfellpuschen dot de>
* @author credit to boots <boots dot smarty at yahoo dot com>
......@@ -61,19 +59,15 @@ function smarty_function_html_table($params)
$inner = 'cols';
$caption = '';
$loop = null;
if (!isset($params[ 'loop' ])) {
trigger_error("html_table: missing 'loop' parameter", E_USER_WARNING);
return;
}
foreach ($params as $_key => $_value) {
switch ($_key) {
case 'loop':
$$_key = (array) $_value;
$$_key = (array)$_value;
break;
case 'cols':
if (is_array($_value) && !empty($_value)) {
$cols = $_value;
......@@ -82,25 +76,22 @@ function smarty_function_html_table($params)
$cols = explode(',', $_value);
$cols_count = count($cols);
} elseif (!empty($_value)) {
$cols_count = (int) $_value;
$cols_count = (int)$_value;
} else {
$cols_count = $cols;
}
break;
case 'rows':
$$_key = (int) $_value;
$$_key = (int)$_value;
break;
case 'table_attr':
case 'trailpad':
case 'hdir':
case 'vdir':
case 'inner':
case 'caption':
$$_key = (string) $_value;
$$_key = (string)$_value;
break;
case 'tr_attr':
case 'td_attr':
case 'th_attr':
......@@ -108,7 +99,6 @@ function smarty_function_html_table($params)
break;
}
}
$loop_count = count($loop);
if (empty($params[ 'rows' ])) {
/* no rows specified */
......@@ -119,37 +109,30 @@ function smarty_function_html_table($params)
$cols_count = ceil($loop_count / $rows);
}
}
$output = "<table $table_attr>\n";
if (!empty($caption)) {
$output .= '<caption>' . $caption . "</caption>\n";
}
if (is_array($cols)) {
$cols = ($hdir === 'right') ? $cols : array_reverse($cols);
$output .= "<thead><tr>\n";
for ($r = 0; $r < $cols_count; $r ++) {
for ($r = 0; $r < $cols_count; $r++) {
$output .= '<th' . smarty_function_html_table_cycle('th', $th_attr, $r) . '>';
$output .= $cols[ $r ];
$output .= "</th>\n";
}
$output .= "</tr></thead>\n";
}
$output .= "<tbody>\n";
for ($r = 0; $r < $rows; $r ++) {
for ($r = 0; $r < $rows; $r++) {
$output .= "<tr" . smarty_function_html_table_cycle('tr', $tr_attr, $r) . ">\n";
$rx = ($vdir === 'down') ? $r * $cols_count : ($rows - 1 - $r) * $cols_count;
for ($c = 0; $c < $cols_count; $c ++) {
for ($c = 0; $c < $cols_count; $c++) {
$x = ($hdir === 'right') ? $rx + $c : $rx + $cols_count - 1 - $c;
if ($inner !== 'cols') {
/* shuffle x to loop over rows*/
$x = floor($x / $cols_count) + ($x % $cols_count) * $rows;
}
if ($x < $loop_count) {
$output .= "<td" . smarty_function_html_table_cycle('td', $td_attr, $c) . ">" . $loop[ $x ] . "</td>\n";
} else {
......@@ -160,9 +143,9 @@ function smarty_function_html_table($params)
}
$output .= "</tbody>\n";
$output .= "</table>\n";
return $output;
}
/**
* @param $name
* @param $var
......@@ -177,6 +160,5 @@ function smarty_function_html_table_cycle($name, $var, $no)
} else {
$ret = $var[ $no % count($var) ];
}
return ($ret) ? ' ' . $ret : '';
}
......@@ -5,7 +5,6 @@
* @package Smarty
* @subpackage PluginsFunction
*/
/**
* Smarty {mailto} function plugin
* Type: function
......@@ -37,7 +36,6 @@
* {mailto address="me@domain.com" cc="you@domain.com,they@domain.com"}
* {mailto address="me@domain.com" extra='class="mailto"'}
*
*
* @link http://www.smarty.net/manual/en/language.function.mailto.php {mailto}
* (Smarty online manual)
* @version 1.2
......@@ -53,15 +51,12 @@ function smarty_function_mailto($params)
static $_allowed_encoding =
array('javascript' => true, 'javascript_charcode' => true, 'hex' => true, 'none' => true);
$extra = '';
if (empty($params[ 'address' ])) {
trigger_error("mailto: missing 'address' parameter", E_USER_WARNING);
return;
} else {
$address = $params[ 'address' ];
}
$text = $address;
// netscape and mozilla do not decode %40 (@) in BCC field (bug?)
// so, don't encode it.
......@@ -77,61 +72,51 @@ function smarty_function_mailto($params)
$mail_parms[] = $var . '=' . str_replace($search, $replace, rawurlencode($value));
}
break;
case 'subject':
case 'newsgroups':
$mail_parms[] = $var . '=' . rawurlencode($value);
break;
case 'extra':
case 'text':
$$var = $value;
default:
}
}
if ($mail_parms) {
$address .= '?' . join('&', $mail_parms);
}
$encode = (empty($params[ 'encode' ])) ? 'none' : $params[ 'encode' ];
if (!isset($_allowed_encoding[ $encode ])) {
trigger_error("mailto: 'encode' parameter must be none, javascript, javascript_charcode or hex",
E_USER_WARNING);
trigger_error(
"mailto: 'encode' parameter must be none, javascript, javascript_charcode or hex",
E_USER_WARNING
);
return;
}
// FIXME: (rodneyrehm) document.write() excues me what? 1998 has passed!
if ($encode === 'javascript') {
$string = 'document.write(\'<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>\');';
$js_encode = '';
for ($x = 0, $_length = strlen($string); $x < $_length; $x ++) {
for ($x = 0, $_length = strlen($string); $x < $_length; $x++) {
$js_encode .= '%' . bin2hex($string[ $x ]);
}
return '<script type="text/javascript">eval(unescape(\'' . $js_encode . '\'))</script>';
} elseif ($encode === 'javascript_charcode') {
$string = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
for ($x = 0, $y = strlen($string); $x < $y; $x ++) {
for ($x = 0, $y = strlen($string); $x < $y; $x++) {
$ord[] = ord($string[ $x ]);
}
$_ret = "<script type=\"text/javascript\" language=\"javascript\">\n" . "{document.write(String.fromCharCode(" .
implode(',', $ord) . "))" . "}\n" . "</script>\n";
return $_ret;
} elseif ($encode === 'hex') {
preg_match('!^(.*)(\?.*)$!', $address, $match);
if (!empty($match[ 2 ])) {
trigger_error("mailto: hex encoding does not work with extra attributes. Try javascript.", E_USER_WARNING);
return;
}
$address_encode = '';
for ($x = 0, $_length = strlen($address); $x < $_length; $x ++) {
for ($x = 0, $_length = strlen($address); $x < $_length; $x++) {
if (preg_match('!\w!' . Smarty::$_UTF8_MODIFIER, $address[ $x ])) {
$address_encode .= '%' . bin2hex($address[ $x ]);
} else {
......@@ -139,12 +124,10 @@ function smarty_function_mailto($params)
}
}
$text_encode = '';
for ($x = 0, $_length = strlen($text); $x < $_length; $x ++) {
for ($x = 0, $_length = strlen($text); $x < $_length; $x++) {
$text_encode .= '&#x' . bin2hex($text[ $x ]) . ';';
}
$mailto = "&#109;&#97;&#105;&#108;&#116;&#111;&#58;";
return '<a href="' . $mailto . $address_encode . '" ' . $extra . '>' . $text_encode . '</a>';
} else {
// no encoding
......
......@@ -29,23 +29,32 @@ function smarty_modifier_capitalize($string, $uc_digits = false, $lc_rest = fals
$upper_string = mb_convert_case($string, MB_CASE_TITLE, Smarty::$_CHARSET);
} else {
// uppercase word breaks
$upper_string = preg_replace_callback("!(^|[^\p{L}'])([\p{Ll}])!S" . Smarty::$_UTF8_MODIFIER,
'smarty_mod_cap_mbconvert_cb', $string);
$upper_string = preg_replace_callback(
"!(^|[^\p{L}'])([\p{Ll}])!S" . Smarty::$_UTF8_MODIFIER,
'smarty_mod_cap_mbconvert_cb', $string
);
}
// check uc_digits case
if (!$uc_digits) {
if (preg_match_all("!\b([\p{L}]*[\p{N}]+[\p{L}]*)\b!" . Smarty::$_UTF8_MODIFIER, $string, $matches,
PREG_OFFSET_CAPTURE)) {
if (preg_match_all(
"!\b([\p{L}]*[\p{N}]+[\p{L}]*)\b!" . Smarty::$_UTF8_MODIFIER, $string, $matches,
PREG_OFFSET_CAPTURE
)
) {
foreach ($matches[ 1 ] as $match) {
$upper_string =
substr_replace($upper_string, mb_strtolower($match[ 0 ], Smarty::$_CHARSET), $match[ 1 ],
strlen($match[ 0 ]));
substr_replace(
$upper_string, mb_strtolower($match[ 0 ], Smarty::$_CHARSET), $match[ 1 ],
strlen($match[ 0 ])
);
}
}
}
$upper_string =
preg_replace_callback("!((^|\s)['\"])(\w)!" . Smarty::$_UTF8_MODIFIER, 'smarty_mod_cap_mbconvert2_cb',
$upper_string);
preg_replace_callback(
"!((^|\s)['\"])(\w)!" . Smarty::$_UTF8_MODIFIER, 'smarty_mod_cap_mbconvert2_cb',
$upper_string
);
return $upper_string;
}
......@@ -55,20 +64,27 @@ function smarty_modifier_capitalize($string, $uc_digits = false, $lc_rest = fals
}
// uppercase (including hyphenated words)
$upper_string =
preg_replace_callback("!(^|[^\p{L}'])([\p{Ll}])!S" . Smarty::$_UTF8_MODIFIER, 'smarty_mod_cap_ucfirst_cb',
$string);
preg_replace_callback(
"!(^|[^\p{L}'])([\p{Ll}])!S" . Smarty::$_UTF8_MODIFIER, 'smarty_mod_cap_ucfirst_cb',
$string
);
// check uc_digits case
if (!$uc_digits) {
if (preg_match_all("!\b([\p{L}]*[\p{N}]+[\p{L}]*)\b!" . Smarty::$_UTF8_MODIFIER, $string, $matches,
PREG_OFFSET_CAPTURE)) {
if (preg_match_all(
"!\b([\p{L}]*[\p{N}]+[\p{L}]*)\b!" . Smarty::$_UTF8_MODIFIER, $string, $matches,
PREG_OFFSET_CAPTURE
)