- Timestamp:
- Jul 15, 2009, 1:41:41 PM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.0/include/smarty/libs/Smarty_Compiler.class.php
r3001 r3583 19 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 20 20 * 21 * @link http:// www.smarty.net/21 * @link http://smarty.php.net/ 22 22 * @author Monte Ohrt <monte at ohrt dot com> 23 23 * @author Andrei Zmievski <andrei@php.net> 24 * @version 2.6.2 224 * @version 2.6.26 25 25 * @copyright 2001-2005 New Digital Group, Inc. 26 26 * @package Smarty 27 27 */ 28 28 29 /* $Id: Smarty_Compiler.class.php 2966 2008-12-08 15:10:03Z monte.ohrt $ */29 /* $Id: Smarty_Compiler.class.php 3163 2009-06-17 14:39:24Z monte.ohrt $ */ 30 30 31 31 /** … … 74 74 var $_strip_depth = 0; 75 75 var $_additional_newline = "\n"; 76 77 var $_phpversion = 0;78 79 76 80 77 /**#@-*/ … … 84 81 function Smarty_Compiler() 85 82 { 86 $this->_phpversion = substr(phpversion(),0,1);87 88 83 // matches double quoted strings: 89 84 // "foobar" … … 158 153 // $foo->bar($foo->bar()) 159 154 // $foo->bar($foo->bar($blah,$foo,44,"foo",$foo[0].bar)) 160 // $foo->getBar()->getFoo()161 // $foo->getBar()->foo162 155 $this->_obj_ext_regexp = '\->(?:\$?' . $this->_dvar_guts_regexp . ')'; 163 156 $this->_obj_restricted_param_regexp = '(?:' 164 . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')' 165 . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)'; 166 167 $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|' 157 . '(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')(?:' . $this->_obj_ext_regexp . '(?:\((?:(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . ')' 158 . '(?:\s*,\s*(?:' . $this->_var_regexp . '|' . $this->_num_const_regexp . '))*)?\))?)*)'; 159 $this->_obj_single_param_regexp = '(?:\w+|' . $this->_obj_restricted_param_regexp . '(?:\s*,\s*(?:(?:\w+|' 168 160 . $this->_var_regexp . $this->_obj_restricted_param_regexp . ')))*)'; 169 170 $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp 161 $this->_obj_params_regexp = '\((?:' . $this->_obj_single_param_regexp 171 162 . '(?:\s*,\s*' . $this->_obj_single_param_regexp . ')*)?\)'; 172 $this->_obj_start_regexp = '(?:' . $this->_dvar_regexp . '(?:' . $this->_obj_ext_regexp . ')+)';173 $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp . ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)';163 $this->_obj_start_regexp = '(?:' . $this->_dvar_regexp . '(?:' . $this->_obj_ext_regexp . ')+)'; 164 $this->_obj_call_regexp = '(?:' . $this->_obj_start_regexp . '(?:' . $this->_obj_params_regexp . ')?(?:' . $this->_dvar_math_regexp . '(?:' . $this->_num_const_regexp . '|' . $this->_dvar_math_var_regexp . ')*)?)'; 174 165 175 166 // matches valid modifier syntax: … … 1706 1697 // replace double quoted literal string with single quotes 1707 1698 $_return = preg_replace('~^"([\s\w]+)"$~',"'\\1'",$_return); 1708 // escape dollar sign if not printing a var1709 $_return = preg_replace('~\$(\W)~',"\\\\\$\\1",$_return);1710 1699 return $_return; 1711 1700 } … … 1721 1710 { 1722 1711 $_has_math = false; 1723 $_has_php4_method_chaining = false;1724 1712 $_math_vars = preg_split('~('.$this->_dvar_math_regexp.'|'.$this->_qstr_regexp.')~', $var_expr, -1, PREG_SPLIT_DELIM_CAPTURE); 1725 1713 … … 1834 1822 } 1835 1823 } else { 1836 if ($this->_phpversion < 5) {1837 $_has_php4_method_chaining = true;1838 $_output .= "; \$_foo = \$_foo";1839 }1840 1824 $_output .= $_index; 1841 1825 } … … 1849 1833 } 1850 1834 1851 if ($_has_php4_method_chaining) { 1852 $_tmp = str_replace("'","\'",'$_foo = '.$_output.'; return $_foo;'); 1853 return "eval('".$_tmp."')"; 1854 } else { 1855 return $_output; 1856 } 1835 return $_output; 1857 1836 } 1858 1837 … … 2069 2048 2070 2049 case 'get': 2071 $compiled_ref = ($this->request_use_auto_globals) ? '$_GET' : "\$GLOBALS['HTTP_GET_VARS']"; 2050 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2051 $this->_syntax_error("(secure mode) super global access not permitted", 2052 E_USER_WARNING, __FILE__, __LINE__); 2053 return; 2054 } 2055 $compiled_ref = "\$_GET"; 2072 2056 break; 2073 2057 2074 2058 case 'post': 2075 $compiled_ref = ($this->request_use_auto_globals) ? '$_POST' : "\$GLOBALS['HTTP_POST_VARS']"; 2059 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2060 $this->_syntax_error("(secure mode) super global access not permitted", 2061 E_USER_WARNING, __FILE__, __LINE__); 2062 return; 2063 } 2064 $compiled_ref = "\$_POST"; 2076 2065 break; 2077 2066 2078 2067 case 'cookies': 2079 $compiled_ref = ($this->request_use_auto_globals) ? '$_COOKIE' : "\$GLOBALS['HTTP_COOKIE_VARS']"; 2068 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2069 $this->_syntax_error("(secure mode) super global access not permitted", 2070 E_USER_WARNING, __FILE__, __LINE__); 2071 return; 2072 } 2073 $compiled_ref = "\$_COOKIE"; 2080 2074 break; 2081 2075 2082 2076 case 'env': 2083 $compiled_ref = ($this->request_use_auto_globals) ? '$_ENV' : "\$GLOBALS['HTTP_ENV_VARS']"; 2077 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2078 $this->_syntax_error("(secure mode) super global access not permitted", 2079 E_USER_WARNING, __FILE__, __LINE__); 2080 return; 2081 } 2082 $compiled_ref = "\$_ENV"; 2084 2083 break; 2085 2084 2086 2085 case 'server': 2087 $compiled_ref = ($this->request_use_auto_globals) ? '$_SERVER' : "\$GLOBALS['HTTP_SERVER_VARS']"; 2086 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2087 $this->_syntax_error("(secure mode) super global access not permitted", 2088 E_USER_WARNING, __FILE__, __LINE__); 2089 return; 2090 } 2091 $compiled_ref = "\$_SERVER"; 2088 2092 break; 2089 2093 2090 2094 case 'session': 2091 $compiled_ref = ($this->request_use_auto_globals) ? '$_SESSION' : "\$GLOBALS['HTTP_SESSION_VARS']"; 2095 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2096 $this->_syntax_error("(secure mode) super global access not permitted", 2097 E_USER_WARNING, __FILE__, __LINE__); 2098 return; 2099 } 2100 $compiled_ref = "\$_SESSION"; 2092 2101 break; 2093 2102 … … 2097 2106 */ 2098 2107 case 'request': 2108 if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) { 2109 $this->_syntax_error("(secure mode) super global access not permitted", 2110 E_USER_WARNING, __FILE__, __LINE__); 2111 return; 2112 } 2099 2113 if ($this->request_use_auto_globals) { 2100 $compiled_ref = '$_REQUEST';2114 $compiled_ref = "\$_REQUEST"; 2101 2115 break; 2102 2116 } else {
Note: See TracChangeset
for help on using the changeset viewer.