]> git.sur5r.net Git - contagged/commitdiff
Upgrade smarty from 2.6.18 to 2.6.30
authorChristian Weiske <cweiske@cweiske.de>
Fri, 11 Aug 2017 19:42:30 +0000 (21:42 +0200)
committerChristian Weiske <cweiske@cweiske.de>
Fri, 11 Aug 2017 19:42:30 +0000 (21:42 +0200)
13 files changed:
inc/smarty/Config_File.class.php
inc/smarty/Smarty.class.php
inc/smarty/Smarty_Compiler.class.php
inc/smarty/internals/core.assemble_plugin_filepath.php
inc/smarty/internals/core.process_compiled_include.php
inc/smarty/internals/core.write_cache_file.php
inc/smarty/plugins/compiler.assign.php
inc/smarty/plugins/function.cycle.php
inc/smarty/plugins/function.fetch.php
inc/smarty/plugins/function.math.php
inc/smarty/plugins/modifier.escape.php
inc/smarty/plugins/modifier.regex_replace.php
inc/smarty/plugins/outputfilter.trimwhitespace.php

index 3d7c1b493370bf4d73792aa8d1cfbd4dd435ec40..6d8c2987fc567b44b8076e9c29ab7b39b107f230 100644 (file)
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *
- * @link http://smarty.php.net/
- * @version 2.6.18
+ * For questions, help, comments, discussion, etc., please join the
+ * Smarty mailing list. Send a blank e-mail to
+ * smarty-discussion-subscribe@googlegroups.com 
+ *
+ * @link http://www.smarty.net/
+ * @version 2.6.25-dev
  * @copyright Copyright: 2001-2005 New Digital Group, Inc.
  * @author Andrei Zmievski <andrei@php.net>
  * @access public
  * @package Smarty
  */
 
-/* $Id: Config_File.class.php,v 1.88 2007/03/06 10:40:06 messju Exp $ */
+/* $Id$ */
 
 /**
  * Config file reading class
@@ -69,7 +73,7 @@ class Config_File {
      *
      * @param string $config_path (optional) path to the config files
      */
-    function Config_File($config_path = NULL)
+    public function __construct($config_path = NULL)
     {
         if (isset($config_path))
             $this->set_path($config_path);
index f05e0dadeb2da842bcdde06e9f2bf0b8c81d0a37..41d53706ff6ea662ce7943cbe3df8eda226e8afb 100644 (file)
  *
  * For questions, help, comments, discussion, etc., please join the
  * Smarty mailing list. Send a blank e-mail to
- * smarty-general-subscribe@lists.php.net
+ * smarty-discussion-subscribe@googlegroups.com
  *
- * @link http://smarty.php.net/
+ * @link http://www.smarty.net/
  * @copyright 2001-2005 New Digital Group, Inc.
  * @author Monte Ohrt <monte at ohrt dot com>
  * @author Andrei Zmievski <andrei@php.net>
  * @package Smarty
- * @version 2.6.18
+ * @version 2.6.30
  */
 
-/* $Id: Smarty.class.php,v 1.528 2007/03/06 10:40:06 messju Exp $ */
+/* $Id$ */
 
 /**
  * DIR_SEP isn't used anymore, but third party apps might
@@ -107,7 +107,7 @@ class Smarty
     /**
      * When set, smarty does uses this value as error_reporting-level.
      *
-     * @var boolean
+     * @var integer
      */
     var $error_reporting  =  null;
 
@@ -236,7 +236,8 @@ class Smarty
                                     'INCLUDE_ANY'     => false,
                                     'PHP_TAGS'        => false,
                                     'MODIFIER_FUNCS'  => array('count'),
-                                    'ALLOW_CONSTANTS'  => false
+                                    'ALLOW_CONSTANTS'  => false,
+                                    'ALLOW_SUPER_GLOBALS' => true
                                    );
 
     /**
@@ -464,7 +465,7 @@ class Smarty
      *
      * @var string
      */
-    var $_version              = '2.6.18';
+    var $_version              = '2.6.30';
 
     /**
      * current template inclusion depth
@@ -561,11 +562,17 @@ class Smarty
      */
     var $_cache_including = false;
 
+    /**
+     * plugin filepath cache
+     *
+     * @var array
+     */
+    var $_filepaths_cache = array();
     /**#@-*/
     /**
      * The class constructor.
      */
-    function Smarty()
+    public function __construct()
     {
       $this->assign('SCRIPT_NAME', isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME']
                     : @$GLOBALS['HTTP_SERVER_VARS']['SCRIPT_NAME']);
@@ -838,69 +845,66 @@ class Smarty
      * Registers a prefilter function to apply
      * to a template before compiling
      *
-     * @param string $function name of PHP function to register
+     * @param callback $function
      */
     function register_prefilter($function)
     {
-    $_name = (is_array($function)) ? $function[1] : $function;
-        $this->_plugins['prefilter'][$_name]
+        $this->_plugins['prefilter'][$this->_get_filter_name($function)]
             = array($function, null, null, false);
     }
 
     /**
      * Unregisters a prefilter function
      *
-     * @param string $function name of PHP function
+     * @param callback $function
      */
     function unregister_prefilter($function)
     {
-        unset($this->_plugins['prefilter'][$function]);
+        unset($this->_plugins['prefilter'][$this->_get_filter_name($function)]);
     }
 
     /**
      * Registers a postfilter function to apply
      * to a compiled template after compilation
      *
-     * @param string $function name of PHP function to register
+     * @param callback $function
      */
     function register_postfilter($function)
     {
-    $_name = (is_array($function)) ? $function[1] : $function;
-        $this->_plugins['postfilter'][$_name]
+        $this->_plugins['postfilter'][$this->_get_filter_name($function)]
             = array($function, null, null, false);
     }
 
     /**
      * Unregisters a postfilter function
      *
-     * @param string $function name of PHP function
+     * @param callback $function
      */
     function unregister_postfilter($function)
     {
-        unset($this->_plugins['postfilter'][$function]);
+        unset($this->_plugins['postfilter'][$this->_get_filter_name($function)]);
     }
 
     /**
      * Registers an output filter function to apply
      * to a template output
      *
-     * @param string $function name of PHP function
+     * @param callback $function
      */
     function register_outputfilter($function)
     {
-    $_name = (is_array($function)) ? $function[1] : $function;
-        $this->_plugins['outputfilter'][$_name]
+        $this->_plugins['outputfilter'][$this->_get_filter_name($function)]
             = array($function, null, null, false);
     }
 
     /**
      * Unregisters an outputfilter function
      *
-     * @param string $function name of PHP function
+     * @param callback $function
      */
     function unregister_outputfilter($function)
     {
-        unset($this->_plugins['outputfilter'][$function]);
+        unset($this->_plugins['outputfilter'][$this->_get_filter_name($function)]);
     }
 
     /**
@@ -1060,7 +1064,7 @@ class Smarty
         } else {
             // var non-existant, return valid reference
             $_tmp = null;
-            return $_tmp;   
+            return $_tmp;
         }
     }
 
@@ -1092,7 +1096,8 @@ class Smarty
      */
     function trigger_error($error_msg, $error_type = E_USER_WARNING)
     {
-        trigger_error("Smarty error: $error_msg", $error_type);
+        $msg = htmlentities($error_msg);
+        trigger_error("Smarty error: $msg", $error_type);
     }
 
 
@@ -1119,7 +1124,7 @@ class Smarty
     function fetch($resource_name, $cache_id = null, $compile_id = null, $display = false)
     {
         static $_cache_info = array();
-        
+
         $_smarty_old_error_level = $this->debugging ? error_reporting() : error_reporting(isset($this->error_reporting)
                ? $this->error_reporting : error_reporting() & ~E_NOTICE);
 
@@ -1551,7 +1556,7 @@ class Smarty
                         $params['source_content'] = $this->_read_file($_resource_name);
                     }
                     $params['resource_timestamp'] = filemtime($_resource_name);
-                    $_return = is_file($_resource_name);
+                    $_return = is_file($_resource_name) && is_readable($_resource_name);
                     break;
 
                 default:
@@ -1714,7 +1719,7 @@ class Smarty
      */
     function _read_file($filename)
     {
-        if ( file_exists($filename) && ($fd = @fopen($filename, 'rb')) ) {
+        if ( file_exists($filename) && is_readable($filename) && ($fd = @fopen($filename, 'rb')) ) {
             $contents = '';
             while (!feof($fd)) {
                 $contents .= fread($fd, 8192);
@@ -1935,6 +1940,25 @@ class Smarty
     {
         return eval($code);
     }
+
+    /**
+     * Extracts the filter name from the given callback
+     *
+     * @param callback $function
+     * @return string
+     */
+       function _get_filter_name($function)
+       {
+               if (is_array($function)) {
+                       $_class_name = (is_object($function[0]) ?
+                               get_class($function[0]) : $function[0]);
+                       return $_class_name . '_' . $function[1];
+               }
+               else {
+                       return $function;
+               }
+       }
+
     /**#@-*/
 
 }
index f54cc2112a8ebc8e2bbe9850a4e386962b3f3110..00602150555fd6bbd77642be003f690952ce1577 100644 (file)
  * @link http://smarty.php.net/
  * @author Monte Ohrt <monte at ohrt dot com>
  * @author Andrei Zmievski <andrei@php.net>
- * @version 2.6.18
+ * @version 2.6.25-dev
  * @copyright 2001-2005 New Digital Group, Inc.
  * @package Smarty
  */
 
-/* $Id: Smarty_Compiler.class.php,v 1.395 2007/03/06 10:40:06 messju Exp $ */
+/* $Id$ */
 
 /**
  * Template compiling class
@@ -78,7 +78,7 @@ class Smarty_Compiler extends Smarty {
     /**
      * The class constructor.
      */
-    function Smarty_Compiler()
+    public function __construct()
     {
         // matches double quoted strings:
         // "foobar"
@@ -262,11 +262,11 @@ class Smarty_Compiler extends Smarty {
         reset($this->_folded_blocks);
 
         /* replace special blocks by "{php}" */
-        $source_content = preg_replace($search.'e', "'"
+        $source_content = preg_replace_callback($search, create_function ('$matches', "return '"
                                        . $this->_quote_replace($this->left_delimiter) . 'php'
-                                       . "' . str_repeat(\"\n\", substr_count('\\0', \"\n\")) .'"
+                                       . "' . str_repeat(\"\n\", substr_count('\$matches[1]', \"\n\")) .'"
                                        . $this->_quote_replace($this->right_delimiter)
-                                       . "'"
+                                       . "';")
                                        , $source_content);
 
         /* Gather all template tags. */
@@ -869,7 +869,7 @@ class Smarty_Compiler extends Smarty {
             // traditional argument format
             $args = implode(',', array_values($attrs));
             if (empty($args)) {
-                $args = 'null';
+                $args = '';
             }
         }
 
@@ -1171,7 +1171,7 @@ class Smarty_Compiler extends Smarty {
         }
         $item = $this->_dequote($attrs['item']);
         if (!preg_match('~^\w+$~', $item)) {
-            return $this->_syntax_error("'foreach: 'item' must be a variable name (literal string)", E_USER_ERROR, __FILE__, __LINE__);
+            return $this->_syntax_error("foreach: 'item' must be a variable name (literal string)", E_USER_ERROR, __FILE__, __LINE__);
         }
 
         if (isset($attrs['key'])) {
@@ -1222,23 +1222,21 @@ class Smarty_Compiler extends Smarty {
         $attrs = $this->_parse_attrs($tag_args);
 
         if ($start) {
-            if (isset($attrs['name']))
-                $buffer = $attrs['name'];
-            else
-                $buffer = "'default'";
-
-            if (isset($attrs['assign']))
-                $assign = $attrs['assign'];
-            else
-                $assign = null;
+            $buffer = isset($attrs['name']) ? $attrs['name'] : "'default'";
+            $assign = isset($attrs['assign']) ? $attrs['assign'] : null;
+            $append = isset($attrs['append']) ? $attrs['append'] : null;
+            
             $output = "<?php ob_start(); ?>";
-            $this->_capture_stack[] = array($buffer, $assign);
+            $this->_capture_stack[] = array($buffer, $assign, $append);
         } else {
-            list($buffer, $assign) = array_pop($this->_capture_stack);
+            list($buffer, $assign, $append) = array_pop($this->_capture_stack);
             $output = "<?php \$this->_smarty_vars['capture'][$buffer] = ob_get_contents(); ";
             if (isset($assign)) {
                 $output .= " \$this->assign($assign, ob_get_contents());";
             }
+            if (isset($append)) {
+                $output .= " \$this->append($append, ob_get_contents());";
+            }
             $output .= "ob_end_clean(); ?>";
         }
 
@@ -1365,9 +1363,14 @@ class Smarty_Compiler extends Smarty {
                     /* If last token was a ')', we operate on the parenthesized
                        expression. The start of the expression is on the stack.
                        Otherwise, we operate on the last encountered token. */
-                    if ($tokens[$i-1] == ')')
+                    if ($tokens[$i-1] == ')') {
                         $is_arg_start = array_pop($is_arg_stack);
-                    else
+                        if ($is_arg_start != 0) {
+                            if (preg_match('~^' . $this->_func_regexp . '$~', $tokens[$is_arg_start-1])) {
+                                $is_arg_start--;
+                            } 
+                        } 
+                    } else
                         $is_arg_start = $i-1;
                     /* Construct the argument for 'is' expression, so it knows
                        what to operate on. */
@@ -2044,27 +2047,57 @@ class Smarty_Compiler extends Smarty {
                 break;
 
             case 'get':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_GET' : "\$GLOBALS['HTTP_GET_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_GET";
                 break;
 
             case 'post':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_POST' : "\$GLOBALS['HTTP_POST_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_POST";
                 break;
 
             case 'cookies':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_COOKIE' : "\$GLOBALS['HTTP_COOKIE_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_COOKIE";
                 break;
 
             case 'env':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_ENV' : "\$GLOBALS['HTTP_ENV_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_ENV";
                 break;
 
             case 'server':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_SERVER' : "\$GLOBALS['HTTP_SERVER_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_SERVER";
                 break;
 
             case 'session':
-                $compiled_ref = ($this->request_use_auto_globals) ? '$_SESSION' : "\$GLOBALS['HTTP_SESSION_VARS']";
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
+                $compiled_ref = "\$_SESSION";
                 break;
 
             /*
@@ -2072,8 +2105,13 @@ class Smarty_Compiler extends Smarty {
              * compiler.
              */
             case 'request':
+                if ($this->security && !$this->security_settings['ALLOW_SUPER_GLOBALS']) {
+                    $this->_syntax_error("(secure mode) super global access not permitted",
+                                         E_USER_WARNING, __FILE__, __LINE__);
+                    return;
+                }
                 if ($this->request_use_auto_globals) {
-                    $compiled_ref = '$_REQUEST';
+                    $compiled_ref = "\$_REQUEST";
                     break;
                 } else {
                     $this->_init_smarty_vars = true;
@@ -2084,7 +2122,7 @@ class Smarty_Compiler extends Smarty {
                 return null;
 
             case 'template':
-                $compiled_ref = "'$this->_current_file'";
+                $compiled_ref = "'" . addslashes($this->_current_file) . "'";
                 $_max_index = 1;
                 break;
 
index 690d3ddbc24cbc05b142a0493efa7cf66f32e43c..22c02483fcd23f8eaceec426c5b43e763feb0355 100644 (file)
  */
 function smarty_core_assemble_plugin_filepath($params, &$smarty)
 {
-    static $_filepaths_cache = array();
-
     $_plugin_filename = $params['type'] . '.' . $params['name'] . '.php';
-    if (isset($_filepaths_cache[$_plugin_filename])) {
-        return $_filepaths_cache[$_plugin_filename];
+    if (isset($smarty->_filepaths_cache[$_plugin_filename])) {
+        return $smarty->_filepaths_cache[$_plugin_filename];
     }
     $_return = false;
 
@@ -58,7 +56,7 @@ function smarty_core_assemble_plugin_filepath($params, &$smarty)
             }
         }
     }
-    $_filepaths_cache[$_plugin_filename] = $_return;
+    $smarty->_filepaths_cache[$_plugin_filename] = $_return;
     return $_return;
 }
 
index d539423bf740ee58787d4352a9e83b2990696b1f..904d59745288b54da60c92397a8fb854556d297c 100644 (file)
@@ -25,7 +25,7 @@ function smarty_core_process_compiled_include($params, &$smarty)
         $smarty->_include($_include_file_path, true);
     }
 
-    foreach ($smarty->_cache_serials as $_include_file_path=>$_cache_serial) {
+    foreach ($smarty->_cache_info['cache_serials'] as $_include_file_path=>$_cache_serial) {
         $_return = preg_replace_callback('!(\{nocache\:('.$_cache_serial.')#(\d+)\})!s',
                                          array(&$smarty, '_process_compiled_include_callback'),
                                          $_return);
index 72f785b74ef07a0eea7ede689262409b246eccec..fa3cdd746d7342f055f269aa23dc4f40fb41fe4b 100644 (file)
@@ -68,7 +68,7 @@ function smarty_core_write_cache_file($params, &$smarty)
     if (!empty($smarty->cache_handler_func)) {
         // use cache_handler function
         call_user_func_array($smarty->cache_handler_func,
-                             array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], null));
+                             array('write', &$smarty, &$params['results'], $params['tpl_file'], $params['cache_id'], $params['compile_id'], $smarty->_cache_info['expires']));
     } else {
         // use local cache file
 
index be1729850197a6bcbd5c0b82bfaaadc59fe50043..abef377f8c45a253a95661af4b65a2a034658b36 100644 (file)
@@ -14,7 +14,7 @@
  * @link http://smarty.php.net/manual/en/language.custom.functions.php#LANGUAGE.FUNCTION.ASSIGN {assign}
  *       (Smarty online manual)
  * @author Monte Ohrt <monte at ohrt dot com> (initial author)
- * @auther messju mohr <messju at lammfellpuschen dot de> (conversion to compiler function)
+ * @author messju mohr <messju at lammfellpuschen dot de> (conversion to compiler function)
  * @param string containing var-attribute and value-attribute
  * @param Smarty_Compiler
  */
index fe78bb87da02a617af79964a02c944543c68c27b..80378b7f96c1ad70be5ff1b17018f9ea0c9cde2b 100644 (file)
@@ -63,7 +63,11 @@ function smarty_function_cycle($params, &$smarty)
         $cycle_vars[$name]['values'] = $params['values'];
     }
 
-    $cycle_vars[$name]['delimiter'] = (isset($params['delimiter'])) ? $params['delimiter'] : ',';
+    if (isset($params['delimiter'])) {
+        $cycle_vars[$name]['delimiter'] = $params['delimiter'];
+    } elseif (!isset($cycle_vars[$name]['delimiter'])) {
+        $cycle_vars[$name]['delimiter'] = ',';       
+    }
     
     if(is_array($cycle_vars[$name]['values'])) {
         $cycle_array = $cycle_vars[$name]['values'];
index 81b1bfc6b9a03f916fcdb62209f6f458c5e712e5..d72c7b1f9e832ea6f887fa083df2908aafe0222a 100644 (file)
@@ -181,12 +181,12 @@ function smarty_function_fetch($params, &$smarty)
                         $content .= fgets($fp,4096);
                     }
                     fclose($fp);
-                    $csplit = split("\r\n\r\n",$content,2);
+                    $csplit = preg_split("!\r\n\r\n!",$content,2);
 
                     $content = $csplit[1];
 
                     if(!empty($params['assign_headers'])) {
-                        $smarty->assign($params['assign_headers'],split("\r\n",$csplit[0]));
+                        $smarty->assign($params['assign_headers'],preg_split("!\r\n!",$csplit[0]));
                     }
                 }
             } else {
index 71672fea41f6c9a81bd848d938952b256ba7f00d..655fe728d538a94c33222fc15a45212ed3e3c923 100644 (file)
 <?php
 /**
  * Smarty plugin
- * @package Smarty
- * @subpackage plugins
+ * This plugin is only for Smarty2 BC
+ *
+ * @package    Smarty
+ * @subpackage PluginsFunction
  */
 
-
 /**
  * Smarty {math} function plugin
- *
  * Type:     function<br>
  * Name:     math<br>
- * Purpose:  handle math computations in template<br>
- * @link http://smarty.php.net/manual/en/language.function.math.php {math}
- *          (Smarty online manual)
+ * Purpose:  handle math computations in template
+ *
+ * @link     http://www.smarty.net/manual/en/language.function.math.php {math}
+ *           (Smarty online manual)
  * @author   Monte Ohrt <monte at ohrt dot com>
- * @param array
- * @param Smarty
- * @return string
+ *
+ * @param array                    $params   parameters
+ * @param Smarty_Internal_Template $template template object
+ *
+ * @return string|null
  */
-function smarty_function_math($params, &$smarty)
+function smarty_function_math($params, $template)
 {
+    static $_allowed_funcs =
+        array('int' => true, 'abs' => true, 'ceil' => true, 'cos' => true, 'exp' => true, 'floor' => true,
+              'log' => true, 'log10' => true, 'max' => true, 'min' => true, 'pi' => true, 'pow' => true, 'rand' => true,
+              'round' => true, 'sin' => true, 'sqrt' => true, 'srand' => true, 'tan' => true);
     // be sure equation parameter is present
-    if (empty($params['equation'])) {
-        $smarty->trigger_error("math: missing equation parameter");
+    if (empty($params[ 'equation' ])) {
+        trigger_error("math: missing equation parameter", E_USER_WARNING);
+
         return;
     }
 
-    $equation = $params['equation'];
+    $equation = $params[ 'equation' ];
 
     // make sure parenthesis are balanced
-    if (substr_count($equation,"(") != substr_count($equation,")")) {
-        $smarty->trigger_error("math: unbalanced parenthesis");
+    if (substr_count($equation, "(") != substr_count($equation, ")")) {
+        trigger_error("math: unbalanced parenthesis", E_USER_WARNING);
+
+        return;
+    }
+
+    // disallow backticks
+    if (strpos($equation, '`') !== false) {
+        trigger_error("math: backtick character not allowed in equation", E_USER_WARNING);
+
+        return;
+    }
+
+    // also disallow dollar signs
+    if (strpos($equation, '$') !== false) {
+        trigger_error("math: dollar signs not allowed in equation", E_USER_WARNING);
+
         return;
     }
 
     // match all vars in equation, make sure all are passed
-    preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]+)!",$equation, $match);
-    $allowed_funcs = array('int','abs','ceil','cos','exp','floor','log','log10',
-                           'max','min','pi','pow','rand','round','sin','sqrt','srand','tan');
-    
-    foreach($match[1] as $curr_var) {
-        if ($curr_var && !in_array($curr_var, array_keys($params)) && !in_array($curr_var, $allowed_funcs)) {
-            $smarty->trigger_error("math: function call $curr_var not allowed");
+    preg_match_all('!(?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)!', $equation, $match);
+
+    foreach ($match[ 1 ] as $curr_var) {
+        if ($curr_var && !isset($params[ $curr_var ]) && !isset($_allowed_funcs[ $curr_var ])) {
+            trigger_error("math: function call $curr_var not allowed", E_USER_WARNING);
+
             return;
         }
     }
 
-    foreach($params as $key => $val) {
+    foreach ($params as $key => $val) {
         if ($key != "equation" && $key != "format" && $key != "assign") {
             // make sure value is not empty
-            if (strlen($val)==0) {
-                $smarty->trigger_error("math: parameter $key is empty");
+            if (strlen($val) == 0) {
+                trigger_error("math: parameter $key is empty", E_USER_WARNING);
+
                 return;
             }
             if (!is_numeric($val)) {
-                $smarty->trigger_error("math: parameter $key: is not numeric");
+                trigger_error("math: parameter $key: is not numeric", E_USER_WARNING);
+
                 return;
             }
             $equation = preg_replace("/\b$key\b/", " \$params['$key'] ", $equation);
         }
     }
+    $smarty_math_result = null;
+    eval("\$smarty_math_result = " . $equation . ";");
 
-    eval("\$smarty_math_result = ".$equation.";");
-
-    if (empty($params['format'])) {
-        if (empty($params['assign'])) {
+    if (empty($params[ 'format' ])) {
+        if (empty($params[ 'assign' ])) {
             return $smarty_math_result;
         } else {
-            $smarty->assign($params['assign'],$smarty_math_result);
+            $template->assign($params[ 'assign' ], $smarty_math_result);
         }
     } else {
-        if (empty($params['assign'])){
-            printf($params['format'],$smarty_math_result);
+        if (empty($params[ 'assign' ])) {
+            printf($params[ 'format' ], $smarty_math_result);
         } else {
-            $smarty->assign($params['assign'],sprintf($params['format'],$smarty_math_result));
+            $template->assign($params[ 'assign' ], sprintf($params[ 'format' ], $smarty_math_result));
         }
     }
 }
-
-/* vim: set expandtab: */
-
-?>
index 7d3230ba73e429cb688e5e5b4906c9413df27486..a2f52b232c1316ee9b7d0a2ea70cfc41c1b012c6 100644 (file)
@@ -33,7 +33,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-88
 
         case 'urlpathinfo':
             return str_replace('%2F','/',rawurlencode($string));
-
+            
         case 'quotes':
             // escape unescaped single quotes
             return preg_replace("%(?<!\\\\)'%", "\\'", $string);
@@ -45,12 +45,7 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-88
                 $return .= '%' . bin2hex($string[$x]);
             }
             return $return;
-
-        case 'phone':
-            $return = str_replace('+','00',$string);
-            $return = preg_replace('/[^0-9]+/','',$return);
-            return $return;
-
+            
         case 'hexentity':
             $return = '';
             for ($x=0; $x < strlen($string); $x++) {
@@ -68,11 +63,11 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-88
         case 'javascript':
             // escape quotes and backslashes, newlines, etc.
             return strtr($string, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
-
+            
         case 'mail':
             // safe way to display e-mail address on a web page
             return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string);
-
+            
         case 'nonstd':
            // escape non-standard chars, such as ms document quotes
            $_res = '';
index d4d20309d2d3b51f9723eea0229ac263fcaf4e56..100b58ce4b1e7a969bef4fdee59f17d36f56f41c 100644 (file)
  */
 function smarty_modifier_regex_replace($string, $search, $replace)
 {
+    if(is_array($search)) {
+      foreach($search as $idx => $s)
+        $search[$idx] = _smarty_regex_replace_check($s);
+    } else {
+      $search = _smarty_regex_replace_check($search);
+    }       
+
+    return preg_replace($search, $replace, $string);
+}
+
+function _smarty_regex_replace_check($search)
+{
+    if (($pos = strpos($search,"\0")) !== false)
+      $search = substr($search,0,$pos);
     if (preg_match('!([a-zA-Z\s]+)$!s', $search, $match) && (strpos($match[1], 'e') !== false)) {
         /* remove eval-modifier from $search */
         $search = substr($search, 0, -strlen($match[1])) . preg_replace('![e\s]+!', '', $match[1]);
     }
-       
-    return preg_replace($search, $replace, $string);
+    return $search;
 }
 
 /* vim: set expandtab: */
index 97b0d21e8495185671a190b90db9c426a73482a1..739fa39b021a36fe24d8b39efee9363f1aab8cc1 100644 (file)
 function smarty_outputfilter_trimwhitespace($source, &$smarty)
 {
     // Pull out the script blocks
-    preg_match_all("!<script[^>]+>.*?</script>!is", $source, $match);
+    preg_match_all("!<script[^>]*?>.*?</script>!is", $source, $match);
     $_script_blocks = $match[0];
-    $source = preg_replace("!<script[^>]+>.*?</script>!is",
+    $source = preg_replace("!<script[^>]*?>.*?</script>!is",
                            '@@@SMARTY:TRIM:SCRIPT@@@', $source);
 
     // Pull out the pre blocks
-    preg_match_all("!<pre>.*?</pre>!is", $source, $match);
+    preg_match_all("!<pre[^>]*?>.*?</pre>!is", $source, $match);
     $_pre_blocks = $match[0];
-    $source = preg_replace("!<pre>.*?</pre>!is",
+    $source = preg_replace("!<pre[^>]*?>.*?</pre>!is",
                            '@@@SMARTY:TRIM:PRE@@@', $source);
-
+    
     // Pull out the textarea blocks
-    preg_match_all("!<textarea[^>]+>.*?</textarea>!is", $source, $match);
+    preg_match_all("!<textarea[^>]*?>.*?</textarea>!is", $source, $match);
     $_textarea_blocks = $match[0];
-    $source = preg_replace("!<textarea[^>]+>.*?</textarea>!is",
+    $source = preg_replace("!<textarea[^>]*?>.*?</textarea>!is",
                            '@@@SMARTY:TRIM:TEXTAREA@@@', $source);
 
     // remove all leading spaces, tabs and carriage returns NOT