Changeset 2961


Ignore:
Timestamp:
Dec 9, 2008, 5:08:48 PM (15 years ago)
Author:
patdenice
Message:

Update Smarty to 2.6.21

Location:
trunk/include/smarty
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • trunk/include/smarty/NEWS

    r2538 r2961  
    1 Version 2.6.20 (Aug 15th, 2008)
     1Version 2.6.21 (Dec 2nd, 2008)
     2------------------------------
     3
     4- fix  function injection security hole closed (U.Tews)
     5- fix pass expiration time at cache_handler_fuc call in core.write_cache_file.php (U.Tews)
     6- Update of compiler.class.php to allow method chaining for PHP4 and PHP5 (U.Tews)
     7
     8Version 2.6.20 (Feb 15th, 2008)
    29-------------------------------
    310

  • trunk/include/smarty/README

    r2538 r2961  
     1
    12NAME:
    23
    34    Smarty - the PHP compiling template engine
    45
    5 VERSION: 2.6.20
     6VERSION: 2.6.21
    67
    78AUTHORS:

  • trunk/include/smarty/libs/Config_File.class.php

    r2538 r2961  
    1818 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    1919 *
    20  * @link http://smarty.php.net/
    21  * @version 2.6.20
     20 * For questions, help, comments, discussion, etc., please join the
     21 * Smarty mailing list. Send a blank e-mail to
     22 * smarty-discussion-subscribe@googlegroups.com
     23 *
     24 * @link http://www.smarty.net/
     25 * @version 2.6.19-dev
    2226 * @copyright Copyright: 2001-2005 New Digital Group, Inc.
    2327 * @author Andrei Zmievski <andrei@php.net>
     
    2630 */
    2731
    28 /* $Id: Config_File.class.php 2702 2007-03-08 19:11:22Z mohrt $ */
     32/* $Id: Config_File.class.php 2786 2008-09-18 21:04:38Z Uwe.Tews $ */
    2933
    3034/**

  • trunk/include/smarty/libs/Smarty.class.php

    r2538 r2961  
    2121 * For questions, help, comments, discussion, etc., please join the
    2222 * Smarty mailing list. Send a blank e-mail to
    23  * smarty-general-subscribe@lists.php.net
     23 * smarty-discussion-subscribe@googlegroups.com
    2424 *
    25  * @link http://smarty.php.net/
     25 * @link http://www.smarty.net/
    2626 * @copyright 2001-2005 New Digital Group, Inc.
    2727 * @author Monte Ohrt <monte at ohrt dot com>
    2828 * @author Andrei Zmievski <andrei@php.net>
    2929 * @package Smarty
    30  * @version 2.6.20
     30 * @version 2.6.21
    3131 */
    3232
    33 /* $Id: Smarty.class.php 2722 2007-06-18 14:29:00Z danilo $ */
     33/* $Id: Smarty.class.php 2785 2008-09-18 21:04:12Z Uwe.Tews $ */
    3434
    3535/**
     
    465465     * @var string
    466466     */
    467     var $_version              = '2.6.20';
     467    var $_version              = '2.6.21';
    468468
    469469    /**
     
    12931293        if ($display) {
    12941294            if (isset($_smarty_results)) { echo $_smarty_results; }
    1295         }
    1296 
    1297         if ($this->debugging) {
    1298             // capture time for debugging info
    1299             $_params = array();
    1300             require_once(SMARTY_CORE_DIR . 'core.get_microtime.php');
    1301             $this->_smarty_debug_info[$_included_tpls_idx]['exec_time'] = (smarty_core_get_microtime($_params, $this) - $_debug_start_time);
    1302         }
    1303 
    1304         if ($display) {
    13051295            if ($this->debugging) {
    13061296                // capture time for debugging info
    13071297                $_params = array();
     1298                require_once(SMARTY_CORE_DIR . 'core.get_microtime.php');
     1299                $this->_smarty_debug_info[$_included_tpls_idx]['exec_time'] = (smarty_core_get_microtime($_params, $this) - $_debug_start_time);
    13081300                require_once(SMARTY_CORE_DIR . 'core.display_debug_console.php');
    13091301                echo smarty_core_display_debug_console($_params, $this);

  • trunk/include/smarty/libs/Smarty_Compiler.class.php

    r2538 r2961  
    1919 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    2020 *
    21  * @link http://smarty.php.net/
     21 * @link http://www.smarty.net/
    2222 * @author Monte Ohrt <monte at ohrt dot com>
    2323 * @author Andrei Zmievski <andrei@php.net>
    24  * @version 2.6.20
     24 * @version 2.6.21
    2525 * @copyright 2001-2005 New Digital Group, Inc.
    2626 * @package Smarty
    2727 */
    2828
    29 /* $Id: Smarty_Compiler.class.php 2773 2008-08-12 18:17:51Z Uwe.Tews $ */
     29/* $Id: Smarty_Compiler.class.php 2797 2008-09-22 19:26:32Z monte.ohrt $ */
    3030
    3131/**
     
    7474    var $_strip_depth           =   0;
    7575    var $_additional_newline    =   "\n";
     76   
     77    var $_phpversion            =   0;
     78
    7679
    7780    /**#@-*/
     
    8184    function Smarty_Compiler()
    8285    {
     86        $this->_phpversion = substr(phpversion(),0,1);
     87
    8388        // matches double quoted strings:
    8489        // "foobar"
     
    153158        // $foo->bar($foo->bar())
    154159        // $foo->bar($foo->bar($blah,$foo,44,"foo",$foo[0].bar))
     160        // $foo->getBar()->getFoo()
     161        // $foo->getBar()->foo
    155162        $this->_obj_ext_regexp = '\->(?:\$?' . $this->_dvar_guts_regexp . ')';
    156163        $this->_obj_restricted_param_regexp = '(?:'
    157                 . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')'
    158                 . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)';
    159         $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|'
     164             . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')'
     165             . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)';
     166
     167       $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|'
    160168                . $this->_var_regexp . $this->_obj_restricted_param_regexp . ')))*)';
    161         $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp
     169
     170       $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp
    162171                . '(?:\s*,\s*' . $this->_obj_single_param_regexp . ')*)?\)';
    163         $this->_obj_start_regexp = '(?:' . $this->_dvar_regexp . '(?:' . $this->_obj_ext_regexp . ')+)';
    164         $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp . ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)';
     172       $this->_obj_start_regexp = '(?:' . $this->_dvar_regexp . '(?:' . $this->_obj_ext_regexp . ')+)';
     173       $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp . '(?:' . $this->_obj_ext_regexp . '(?:'.$this->_obj_params_regexp . ')?)*' . ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)';
    165174       
    166175        // matches valid modifier syntax:
     
    16971706        // replace double quoted literal string with single quotes
    16981707        $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return);
     1708        // escape dollar sign if not printing a var
     1709        $_return = preg_replace('~\$(\W)~',"\\\\\$\\1",$_return);
    16991710        return $_return;
    17001711    }
     
    17101721    {
    17111722        $_has_math = false;
     1723        $_has_php4_method_chaining = false;
    17121724        $_math_vars = preg_split('~('.$this->_dvar_math_regexp.'|'.$this->_qstr_regexp.')~', $var_expr, -1, PREG_SPLIT_DELIM_CAPTURE);
    17131725
     
    18221834                        }
    18231835                    } else {
     1836                       if ($this->_phpversion < 5) {
     1837                         $_has_php4_method_chaining = true;
     1838                         $_output .= "; \$_foo = \$_foo";
     1839                       }
    18241840                        $_output .= $_index;
    18251841                    }
     
    18331849        }
    18341850
    1835         return $_output;
     1851        if ($_has_php4_method_chaining) {
     1852           $_tmp = str_replace("'","\'",'$_foo = '.$_output.'; return $_foo;');
     1853           return "eval('".$_tmp."')";
     1854        } else {
     1855           return $_output;
     1856        }
    18361857    }
    18371858

  • trunk/include/smarty/libs/internals/core.write_cache_file.php

    r2216 r2961  
    6969        // use cache_handler function
    7070        call_user_func_array($smarty->cache_handler_func,
    71                              array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], null));
     71                             array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], $smarty->_cache_info['expires']));
    7272    } else {
    7373        // use local cache file
Note: See TracChangeset for help on using the changeset viewer.