Changeset 2962
- Timestamp:
- Dec 9, 2008, 5:12:25 PM (15 years ago)
- Location:
- branches/2.0/include/smarty
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.0/include/smarty/NEWS
r2538 r2962 1 Version 2.6.20 (Aug 15th, 2008) 1 Version 2.6.21 (Dec 2nd, 2008) 2 ------------------------------ 3 4 - fix function injection security hole closed (U.Tews) 5 - fix pass expiration time at cache_handler_fuc call in core.write_cache_file.php (U.Tews) 6 - Update of compiler.class.php to allow method chaining for PHP4 and PHP5 (U.Tews) 7 8 Version 2.6.20 (Feb 15th, 2008) 2 9 ------------------------------- 3 10 -
branches/2.0/include/smarty/README
r2538 r2962 1 1 2 NAME: 2 3 3 4 Smarty - the PHP compiling template engine 4 5 5 VERSION: 2.6.2 06 VERSION: 2.6.21 6 7 7 8 AUTHORS: -
branches/2.0/include/smarty/libs/Config_File.class.php
r2538 r2962 18 18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 19 * 20 * @link http://smarty.php.net/ 21 * @version 2.6.20 20 * For questions, help, comments, discussion, etc., please join the 21 * Smarty mailing list. Send a blank e-mail to 22 * smarty-discussion-subscribe@googlegroups.com 23 * 24 * @link http://www.smarty.net/ 25 * @version 2.6.19-dev 22 26 * @copyright Copyright: 2001-2005 New Digital Group, Inc. 23 27 * @author Andrei Zmievski <andrei@php.net> … … 26 30 */ 27 31 28 /* $Id: Config_File.class.php 27 02 2007-03-08 19:11:22Z mohrt$ */32 /* $Id: Config_File.class.php 2786 2008-09-18 21:04:38Z Uwe.Tews $ */ 29 33 30 34 /** -
branches/2.0/include/smarty/libs/Smarty.class.php
r2538 r2962 21 21 * For questions, help, comments, discussion, etc., please join the 22 22 * Smarty mailing list. Send a blank e-mail to 23 * smarty- general-subscribe@lists.php.net23 * smarty-discussion-subscribe@googlegroups.com 24 24 * 25 * @link http:// smarty.php.net/25 * @link http://www.smarty.net/ 26 26 * @copyright 2001-2005 New Digital Group, Inc. 27 27 * @author Monte Ohrt <monte at ohrt dot com> 28 28 * @author Andrei Zmievski <andrei@php.net> 29 29 * @package Smarty 30 * @version 2.6.2 030 * @version 2.6.21 31 31 */ 32 32 33 /* $Id: Smarty.class.php 27 22 2007-06-18 14:29:00Z danilo$ */33 /* $Id: Smarty.class.php 2785 2008-09-18 21:04:12Z Uwe.Tews $ */ 34 34 35 35 /** … … 465 465 * @var string 466 466 */ 467 var $_version = '2.6.2 0';467 var $_version = '2.6.21'; 468 468 469 469 /** … … 1293 1293 if ($display) { 1294 1294 if (isset($_smarty_results)) { echo $_smarty_results; } 1295 }1296 1297 if ($this->debugging) {1298 // capture time for debugging info1299 $_params = array();1300 require_once(SMARTY_CORE_DIR . 'core.get_microtime.php');1301 $this->_smarty_debug_info[$_included_tpls_idx]['exec_time'] = (smarty_core_get_microtime($_params, $this) - $_debug_start_time);1302 }1303 1304 if ($display) {1305 1295 if ($this->debugging) { 1306 1296 // capture time for debugging info 1307 1297 $_params = array(); 1298 require_once(SMARTY_CORE_DIR . 'core.get_microtime.php'); 1299 $this->_smarty_debug_info[$_included_tpls_idx]['exec_time'] = (smarty_core_get_microtime($_params, $this) - $_debug_start_time); 1308 1300 require_once(SMARTY_CORE_DIR . 'core.display_debug_console.php'); 1309 1301 echo smarty_core_display_debug_console($_params, $this); -
branches/2.0/include/smarty/libs/Smarty_Compiler.class.php
r2538 r2962 19 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 20 20 * 21 * @link http:// smarty.php.net/21 * @link http://www.smarty.net/ 22 22 * @author Monte Ohrt <monte at ohrt dot com> 23 23 * @author Andrei Zmievski <andrei@php.net> 24 * @version 2.6.2 024 * @version 2.6.21 25 25 * @copyright 2001-2005 New Digital Group, Inc. 26 26 * @package Smarty 27 27 */ 28 28 29 /* $Id: Smarty_Compiler.class.php 27 73 2008-08-12 18:17:51Z Uwe.Tews$ */29 /* $Id: Smarty_Compiler.class.php 2797 2008-09-22 19:26:32Z monte.ohrt $ */ 30 30 31 31 /** … … 74 74 var $_strip_depth = 0; 75 75 var $_additional_newline = "\n"; 76 77 var $_phpversion = 0; 78 76 79 77 80 /**#@-*/ … … 81 84 function Smarty_Compiler() 82 85 { 86 $this->_phpversion = substr(phpversion(),0,1); 87 83 88 // matches double quoted strings: 84 89 // "foobar" … … 153 158 // $foo->bar($foo->bar()) 154 159 // $foo->bar($foo->bar($blah,$foo,44,"foo",$foo[0].bar)) 160 // $foo->getBar()->getFoo() 161 // $foo->getBar()->foo 155 162 $this->_obj_ext_regexp = '\->(?:\$?' . $this->_dvar_guts_regexp . ')'; 156 163 $this->_obj_restricted_param_regexp = '(?:' 157 . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')' 158 . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)'; 159 $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|' 164 . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')' 165 . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)'; 166 167 $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|' 160 168 . $this->_var_regexp . $this->_obj_restricted_param_regexp . ')))*)'; 161 $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp 169 170 $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp 162 171 . '(?:\s*,\s*' . $this->_obj_single_param_regexp . ')*)?\)'; 163 164 $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp. ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)';172 $this->_obj_start_regexp = '(?:' . $this->_dvar_regexp . '(?:' . $this->_obj_ext_regexp . ')+)'; 173 $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp . '(?:' . $this->_obj_ext_regexp . '(?:'.$this->_obj_params_regexp . ')?)*' . ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)'; 165 174 166 175 // matches valid modifier syntax: … … 1697 1706 // replace double quoted literal string with single quotes 1698 1707 $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return); 1708 // escape dollar sign if not printing a var 1709 $_return = preg_replace('~\$(\W)~',"\\\\\$\\1",$_return); 1699 1710 return $_return; 1700 1711 } … … 1710 1721 { 1711 1722 $_has_math = false; 1723 $_has_php4_method_chaining = false; 1712 1724 $_math_vars = preg_split('~('.$this->_dvar_math_regexp.'|'.$this->_qstr_regexp.')~', $var_expr, -1, PREG_SPLIT_DELIM_CAPTURE); 1713 1725 … … 1822 1834 } 1823 1835 } else { 1836 if ($this->_phpversion < 5) { 1837 $_has_php4_method_chaining = true; 1838 $_output .= "; \$_foo = \$_foo"; 1839 } 1824 1840 $_output .= $_index; 1825 1841 } … … 1833 1849 } 1834 1850 1835 return $_output; 1851 if ($_has_php4_method_chaining) { 1852 $_tmp = str_replace("'","\'",'$_foo = '.$_output.'; return $_foo;'); 1853 return "eval('".$_tmp."')"; 1854 } else { 1855 return $_output; 1856 } 1836 1857 } 1837 1858 -
branches/2.0/include/smarty/libs/internals/core.write_cache_file.php
r2216 r2962 69 69 // use cache_handler function 70 70 call_user_func_array($smarty->cache_handler_func, 71 array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], null));71 array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], $smarty->_cache_info['expires'])); 72 72 } else { 73 73 // use local cache file
Note: See TracChangeset
for help on using the changeset viewer.