/** * needs a proper description * @param Smarty $smarty */ function __construct($smarty) { if (class_exists("TikiLib")) { $tikilib = TikiLib::lib('tiki'); } parent::__construct($smarty); $functions = array(); $modifiers = array(); $dirs = array(); //With phpunit and command line these don't exist yet for some reason if (isset($tikilib) && method_exists($tikilib, "get_preference")) { $functions = array_filter($tikilib->get_preference('smarty_security_functions', array(), true)); $modifiers = array_filter($tikilib->get_preference('smarty_security_modifiers', array(), true)); $dirs = array_filter($tikilib->get_preference('smarty_security_dirs', array(), true)); $cdns = preg_split('/\\s+/', $tikilib->get_preference('tiki_cdn', '')); $cdns_ssl = preg_split('/\\s+/', $tikilib->get_preference('tiki_cdn_ssl', '')); $cdn_uri = array_filter(array_merge($cdns, $cdns_ssl)); foreach ($cdn_uri as $uri) { $this->trusted_uri[] = '#' . preg_quote($uri) . '$#'; } } $functions = isset($functions) ? $functions : array(); $modifiers = isset($modifiers) ? $modifiers : array(); $this->php_modifiers = array_merge(array('nl2br', 'escape', 'count', 'addslashes', 'ucfirst', 'ucwords', 'urlencode', 'md5', 'implode', 'explode', 'is_array', 'htmlentities', 'var_dump', 'strip_tags', 'json_encode', 'stristr', 'tra'), $modifiers); $this->php_functions = array_merge(array('isset', 'empty', 'count', 'sizeof', 'in_array', 'is_array', 'time', 'nl2br', 'tra', 'strlen', 'strstr', 'strtolower', 'basename', 'ereg', 'array_key_exists', 'preg_match', 'json_encode', 'stristr', 'is_numeric', 'array', 'zone_is_empty'), $functions); $this->secure_dir = array_merge($this->secure_dir, $dirs); }
public function __construct($smarty) { parent::__construct($smarty); $config = cmsms()->GetConfig(); $this->allow_php_tag = $config['use_smarty_php_tags']; $this->php_functions = array('isset', 'empty', 'count', 'sizeof', 'in_array', 'is_array', 'time', 'lang', 'nl2br', 'file_exists', 'is_string', 'is_object', 'is_file', 'print_r', 'var_dump', 'htmlspecialchars', 'htmlspecialchars_decode'); }
public function __construct($smarty) { parent::__construct($smarty); $this->secure_dir = array(OW_DIR_THEME, OW_DIR_SYSTEM_PLUGIN, OW_DIR_PLUGIN); $this->php_functions = array('array', 'list', 'isset', 'empty', 'count', 'sizeof', 'in_array', 'is_array', 'true', 'false', 'null', 'strstr'); $this->php_modifiers = array('count'); $this->allow_constants = false; $this->allow_super_globals = false; $this->static_classes = null; }
public function __construct($smarty) { parent::__construct($smarty); $this->secure_dir[] = dirname(__FILE__); }