Loads security class and enables security
public enableSecurity ( string | Smarty_Security $security_class = null ) : Smarty
$security_class | string | Smarty_Security | if a string is used, it must be a class name |
Returns | Smarty | the current Smarty instance, for chaining |
/**
 * Constructor.
 *
 * Loads the bundled Smarty library, builds the template engine, points it
 * at the compile, cache and plugin directories, switches the delimiters to
 * HTML-comment style and enables the security policy before the engine is
 * stored on the instance.
 *
 * @return void
 */
protected function __construct()
{
    \Yaf_Loader::import(APP_PATH . 'library/Thirdpart/Smarty/libs/Smarty.class.php');

    $engine = new \Smarty();

    // The template directory is left empty here; only the working
    // directories and the plugin directory are fixed.
    // NOTE(review): the compile and cache directories hold generated PHP and
    // live under TMP_PATH - confirm that location is neither web-served nor
    // writable by other accounts.
    $engine->setTemplateDir('');
    $engine->setCompileDir(TMP_PATH . 'smarty-compile/');
    $engine->setCacheDir(TMP_PATH . 'smarty-cache/');
    $engine->setPluginsDir(APP_PATH . 'library/Smarty/Plugins/');

    // Template tags are written as <!--{ ... }-->.
    $engine->left_delimiter = '<!--{';
    $engine->right_delimiter = '}-->';

    // The policy is passed by class name, so that class must be loadable
    // when this runs. What it permits is defined in that class, not here.
    $engine->enableSecurity('Comm\\Smarty_Security_Policy');

    $this->_smarty = $engine;
}
/**
 * Renders a search result set through the configured template file.
 *
 * A fresh Smarty instance is built for every call. Its template directory
 * is the directory that contains $this->templateFile, and the same directory
 * is appended to the security policy's secure_dir list before the policy is
 * enabled.
 *
 * The entries of $this->data are assigned first and the fixed variables
 * (results, facets, count, offset, ...) afterwards, so a key in $this->data
 * that reuses one of those names is overwritten by the fixed value.
 *
 * @param Search_ResultSet $entries Result set to expose to the template.
 * @return mixed Whatever Smarty's fetch() returns for the template file.
 */
function renderEntries(Search_ResultSet $entries)
{
    global $tikipath;

    $templateDir = dirname($this->templateFile);

    $engine = new Smarty();
    $engine->setCompileDir($tikipath . 'templates_c');
    $engine->setTemplateDir(null);
    $engine->setTemplateDir($templateDir);
    $engine->setPluginsDir(array($tikipath . TIKI_SMARTY_DIR, SMARTY_DIR . 'plugins'));

    // Security is switched on before any variable is assigned or any
    // template is read; the policy only gains the template's own directory.
    // NOTE(review): presumably $this->templateFile is chosen by trusted
    // configuration - verify, since its directory becomes a secure_dir.
    $policy = new Tiki_Security_Policy($engine);
    $policy->secure_dir[] = $templateDir;
    $engine->enableSecurity($policy);

    if ($this->changeDelimiters) {
        $engine->left_delimiter = '{{';
        $engine->right_delimiter = '}}';
    }

    foreach ($this->data as $name => $value) {
        $engine->assign($name, $value);
    }

    // Facets are flattened to plain arrays for the template.
    $describeFacet = function ($facet) {
        return array(
            'name' => $facet->getName(),
            'label' => $facet->getLabel(),
            'options' => $facet->getOptions(),
        );
    };

    $fixedVariables = array(
        'results' => $entries,
        'facets' => array_map($describeFacet, $entries->getFacets()),
        'count' => count($entries),
        'offset' => $entries->getOffset(),
        'offsetplusone' => $entries->getOffset() + 1,
        'offsetplusmaxRecords' => $entries->getOffset() + $entries->getMaxRecords(),
        'maxRecords' => $entries->getMaxRecords(),
    );
    foreach ($fixedVariables as $name => $value) {
        $engine->assign($name, $value);
    }

    return $engine->fetch($this->templateFile);
}
/**
 * Returns the shared Smarty engine, building and configuring it on first use.
 *
 * Configuration comes from the Kohana 'smarty' config group. On Smarty 3
 * (detected by the absence of a `_version` class variable) a security policy
 * is enabled only when the `security` setting is truthy; when it is falsy no
 * policy is enabled at all. On Smarty 2 the `security` setting is copied to
 * the engine's `security` property.
 *
 * @return Smarty
 */
public static function instance()
{
    // Already built by an earlier call.
    if (Ksmarty::$instance !== null) {
        return Ksmarty::$instance;
    }

    // Load the vendored Smarty class without triggering autoloading.
    if (!class_exists('Smarty', false)) {
        require Kohana::find_file('vendor', 'smarty/Smarty.class');
    }

    $engine = new Smarty();
    $settings = Kohana::$config->load('smarty');

    // Options copied one-to-one from the config group, in this order.
    $copiedOptions = array(
        'compile_dir',
        'plugins_dir',
        'cache_dir',
        'config_dir',
        'debug_tpl',
        'debugging_ctrl',
        'debugging',
        'caching',
        'force_compile',
    );
    foreach ($copiedOptions as $option) {
        $engine->$option = $settings->$option;
    }

    // Smarty 2 exposes a `_version` class variable; Smarty 3 does not.
    $isSmarty2 = array_key_exists('_version', get_class_vars('Smarty'));
    if ($isSmarty2) {
        $engine->security = $settings->security;
    } elseif ($settings->security) {
        if ($settings->security_policy === null) {
            // No policy configured: fall back to Smarty's default policy.
            $engine->enableSecurity();
        } else {
            $engine->enableSecurity($settings->security_policy);
        }
    }
    // NOTE(review): with `security` off, templates run without a security
    // policy - confirm that is acceptable for every template source in use.

    $engine->autoload_filters = array(
        'pre' => $settings->pre_filters,
        'post' => $settings->post_filters,
        'output' => $settings->output_filters,
    );

    Ksmarty::$instance = $engine;

    return Ksmarty::$instance;
}
/**
 * Builds the Smarty engine for a layout and stores it on $this->smarty.
 *
 * The engine reads templates from <root_dir>/template/<layout>/tpl/, keeps
 * its compiled, cached and config files under <runtime_dir>, and runs with a
 * Smarty_Security policy whose PHP function allow-list is set explicitly.
 *
 * @param string $layout Layout directory name, interpolated into the template path.
 * @return void
 */
private function init($layout)
{
    $engine = new \Smarty();

    // NOTE(review): $layout becomes part of a filesystem path. Presumably it
    // is a fixed layout name - verify that callers never pass request data,
    // or validate it against the known layouts.
    $engine->setTemplateDir(App::get('root_dir') . "/template/{$layout}/tpl/");
    $engine->compile_dir = App::get('runtime_dir') . "/smarty";
    $engine->cache_dir = App::get('runtime_dir') . "/smarty_cache";
    $engine->config_dir = App::get('runtime_dir') . "/smarty_configs";
    $engine->error_reporting = E_ALL & ~E_NOTICE;
    $engine->inheritance_merge_compiled_includes = false;

    if (!Config::get('web.dev')) {
        // Outside development, compiled templates are not re-checked.
        $engine->compile_check = false;
    } else {
        // Development: recompile on every request and tell the templates.
        $engine->force_compile = true;
        $engine->assign("dev", true);
    }

    $engine->addPluginsDir(__DIR__ . '/Smarty/plugins');

    $policy = new \Smarty_Security($engine);

    // NOTE(review): in Smarty 3's Smarty_Security an empty array for
    // php_modifiers is treated as "no restriction" (any PHP function may be
    // used as a modifier); null is the value that disables them. If the
    // intent is to forbid PHP modifiers this should be null - confirm against
    // the bundled Smarty version and the modifiers the templates rely on.
    $policy->php_modifiers = array();

    // PHP functions that templates may call directly.
    $allowedFunctions = array('count', 'in_array', 'is_array', 'time', 'ucfirst', 'mb_strtolower');
    $policy->php_functions = $allowedFunctions;

    $engine->enableSecurity($policy);

    $this->smarty = $engine;
}
/**
 * Sends the queued headers and the cookie, then echoes the page.
 *
 * When $this->render is false the content is echoed without a layout
 * (through getDebugInfo()). Otherwise $this->_layout is rendered by a fresh
 * Smarty instance with the 'Wasp_Smarty_Security' policy enabled, link and
 * script tags for $this->_css_list and $this->_js_list are spliced into the
 * rendered markup, and the result is echoed through getDebugInfo().
 *
 * @param string $content Page body; presumably a string, since its length is measured - TODO confirm.
 * @return void
 */
public function display($content)
{
    // Layout-less path: headers, cache control, cookie, then the raw content.
    if (!$this->render) {
        if (!headers_sent() && array_count($this->_headers) > 0) {
            foreach ($this->_headers as $key => $val) {
                header($val);
            }
        }
        http_cache_off();
        if (!Cookie::isSaved()) {
            cookie()->save();
        }
        // Ask for zlib output compression for bodies larger than 102400
        // (length as reported by wasp_strlen); errors are suppressed here.
        if (wasp_strlen($content) > 102400) {
            @ini_set('zlib.output_compression', 1);
        }
        echo $this->getDebugInfo($content);
        return;
    }

    // Security is enabled by policy class name before any directory is set
    // or any template is fetched. What the policy permits is defined in that
    // class, not here.
    $templater = new \Smarty();
    $templater->enableSecurity('Wasp_Smarty_Security');
    $templater->setTemplateDir($this->getThemePath() . DIR_SEP);

    // Compiled templates are kept per theme under TEMP_DIR/smarty/<theme>.
    // NOTE(review): this directory holds generated PHP - confirm it is not
    // web-served and that wasp_mkdir() creates it with restrictive permissions.
    $temp_dir = TEMP_DIR . DIR_SEP . 'smarty' . DIR_SEP . $this->getThemeName();
    if (!is_dir($temp_dir)) {
        wasp_mkdir($temp_dir);
    }
    $templater->setCompileDir($temp_dir . DIR_SEP);

    // Queued assigns go in first; 'content' and 'max_mem_use' are assigned
    // afterwards and therefore win over same-named queued entries.
    if (array_count($this->_assigns) > 0) {
        foreach ($this->_assigns as $key => $val) {
            $templater->assign($key, $val);
        }
    }
    $templater->assign('content', $content);
    if (function_exists('memory_get_peak_usage')) {
        $templater->assign('max_mem_use', get_mem_use(true));
    } else {
        $templater->assign('max_mem_use', '-//-');
    }

    $out = $templater->fetch($this->_layout);

    // Headers and the cookie are sent only after the layout was rendered.
    if (!headers_sent() && array_count($this->_headers) > 0) {
        foreach ($this->_headers as $key => $val) {
            header($val);
        }
    }
    if (!Cookie::isSaved()) {
        cookie()->save();
    }
    // Same size threshold as above; unlike the first call, errors from
    // ini_set() are not suppressed here.
    if (wasp_strlen($out) > 102400) {
        ini_set('zlib.output_compression', 1);
    }
    unset($templater);
    memory_clear();

    // Add CSS: one <link> per entry, inserted in front of </head>.
    // Entries starting with "http" are used as-is; everything else is
    // resolved against the theme's /css/ directory.
    // NOTE(review): the value is placed in the href attribute without HTML
    // escaping. Presumably the list is filled by application code only - if
    // any entry can come from request data it needs attribute escaping.
    if (array_count($this->_css_list) > 0) {
        $_ = "\n\t\t<!-- DYNAMIC CSS -->\n";
        foreach ($this->_css_list as $key => $val) {
            if (preg_match('/^http/is', $val)) {
                $_ .= "\t\t<link href=\"{$val}\" rel=\"stylesheet\" type=\"text/css\" />\n";
            } else {
                $url = $this->getThemeUrl() . '/css/' . $val;
                $_ .= "\t\t<link href=\"{$url}\" rel=\"stylesheet\" type=\"text/css\" />\n";
            }
        }
        // NOTE(review): the tags are passed as a preg_replace() replacement
        // string, where "$1"- or "\1"-style sequences inside a URL would be
        // read as backreferences.
        $out = preg_replace('#\\<\\/head\\>#is', $_ . "</head>\n", $out);
        unset($_, $key, $val, $url);
    }

    // Add JS: entries are grouped by position; each group is inserted in
    // front of the closing tag named by its key (</{$pos}>).
    if (array_count($this->_js_list) > 0) {
        // NOTE(review): $info is assigned but not read anywhere in this method.
        $info = "\n\t\t<!-- :position DYNAMIC JS -->\n";
        foreach ($this->_js_list as $pos => $item) {
            $_ = str_replace(':position', wasp_strtoupper($pos), "\n\t\t<!-- :position DYNAMIC JS -->\n");
            if (array_count($item) > 0) {
                foreach ($item as $key => $val) {
                    // Same absolute/theme-relative split and the same missing
                    // attribute escaping as for the CSS list above.
                    if (preg_match('/^http/is', $val)) {
                        $_ .= "\t\t<script type=\"text/javascript\" src=\"{$val}\"></script>\n";
                    } else {
                        $url = $this->getThemeUrl() . '/js/' . $val;
                        $_ .= "\t\t<script type=\"text/javascript\" src=\"{$url}\"></script>\n";
                    }
                }
                // NOTE(review): $pos is interpolated into the pattern without
                // preg_quote(); presumably it is always a plain tag name such
                // as "head" or "body" - verify where _js_list is filled.
                $out = preg_replace("#\\<\\/{$pos}\\>#is", $_ . "</{$pos}>\n", $out);
                unset($_, $key, $val, $url);
            }
        }
        unset($pos, $item);
    }

    echo $this->getDebugInfo($out);
}
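/**
 * Renders a widget template through Smarty and returns it wrapped so that
 * the wiki parser leaves the markup alone.
 *
 * Every argument after $widgetName is read as a widget parameter, either
 * "name=value" or a bare "name" (which means boolean true). A dotted name
 * such as "a.b.c" builds nested arrays, and a repeated name collects its
 * values into a list. The literal value "false" becomes boolean false.
 *
 * The parameters are assigned to the template as given, without escaping.
 * NOTE(review): they presumably come from wikitext written by editors, so
 * each widget template has to escape them for the context it prints them in.
 *
 * Changes from the previous version:
 *  - "false" is matched with ===. The loose == also matched the boolean
 *    true that a bare parameter is given, turning every bare flag into false.
 *  - An intermediate key that already holds a scalar is wrapped in an array
 *    instead of being indexed as if it were one.
 *  - The error markup is class="error"; the stray backslashes in the old
 *    literal were emitted as part of the attribute.
 *
 * @param mixed  $parser     Parser object, passed by reference; not used here.
 * @param string $widgetName Widget name, fetched through the "wiki:" resource.
 * @return string Encoded widget output, or an error <div> if rendering threw.
 */
public static function renderWidget(&$parser, $widgetName)
{
    global $IP;

    $smarty = new Smarty();
    $smarty->left_delimiter = '<!--{';
    $smarty->right_delimiter = '}-->';
    $smarty->compile_dir = "{$IP}/extensions/Widgets/compiled_templates/";

    // Register the extension's custom Smarty plugins.
    $smarty->addPluginsDir("{$IP}/extensions/Widgets/smarty_plugins/");

    // No argument: Smarty's default security policy is applied.
    // The Smarty v2 version of this code narrowed the policy further through
    // $smarty->security_settings (IF_FUNCS: is_array, isset, array, list,
    // count, sizeof, in_array, true, false, null; MODIFIER_FUNCS: validate).
    // NOTE(review): in Smarty 3 those allow-lists are properties of the
    // Smarty_Security policy object (php_functions, php_modifiers), so
    // restoring them means passing a configured policy to enableSecurity().
    $smarty->enableSecurity();

    // Register the Widgets extension functions.
    $smarty->registerResource('wiki', array(
        array('WidgetRenderer', 'wiki_get_template'),
        array('WidgetRenderer', 'wiki_get_timestamp'),
        array('WidgetRenderer', 'wiki_get_secure'),
        array('WidgetRenderer', 'wiki_get_trusted'),
    ));

    // The first two arguments are the parser and the widget name; the rest
    // are the widget parameters.
    $params = array_slice(func_get_args(), 2);

    $params_tree = array();

    foreach ($params as $param) {
        $pair = explode('=', $param, 2);

        if (count($pair) == 2) {
            $key = trim($pair[0]);
            $val = trim($pair[1]);
        } else {
            // Bare parameter: treated as a flag that is switched on.
            $key = $param;
            $val = true;
        }

        // Strict comparison, so that only the literal string is converted.
        if ($val === 'false') {
            $val = false;
        }

        // A name in object notation (a.b.c.d) is stored as nested arrays.
        $keys = explode('.', $key);
        $last_key = array_pop($keys);

        // $subtree walks from the root down to the array that will hold
        // the last key.
        $subtree =& $params_tree;

        foreach ($keys as $subkey) {
            if (!array_key_exists($subkey, $subtree)) {
                // The next level does not exist yet: create it.
                $subtree[$subkey] = array();
            } elseif (!is_array($subtree[$subkey])) {
                // An earlier parameter stored a scalar here (e.g. "a=1"
                // followed by "a.b=2"); keep it as the first list entry.
                $subtree[$subkey] = array($subtree[$subkey]);
            }

            // Move to the lower level.
            $subtree =& $subtree[$subkey];
        }

        if (isset($subtree[$last_key])) {
            // Repeated parameter: collect the values in a list.
            if (!is_array($subtree[$last_key])) {
                $subtree[$last_key] = array($subtree[$last_key]);
            }
            $subtree[$last_key][] = $val;
        } else {
            // First occurrence: store the value itself.
            $subtree[$last_key] = $val;
        }
    }

    // Drop the reference so that later code cannot write into the tree by accident.
    unset($subtree);

    $smarty->assign($params_tree);

    try {
        $output = $smarty->fetch("wiki:{$widgetName}");
    } catch (Exception $e) {
        // The exception detail is not shown to the reader; only the generic
        // message with the entity-encoded widget name is returned.
        return '<div class="error">' . wfMsgExt('widgets-desc', array('parsemag'), htmlentities($widgetName)) . '</div>';
    }

    // Hide the widget from the parser.
    $output = 'ENCODED_CONTENT ' . self::$mRandomString . base64_encode($output) . ' END_ENCODED_CONTENT';

    return $output;
}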