Update admin tool smarty lib

4 years ago · a188c6b38a
parent 3f0bacd374
commit a188c6b38a
5 changed files with 91 additions and 64 deletions
--- a/web/public_php/admin/smarty/Config_File.class.php
+++ b/web/public_php/admin/smarty/Config_File.class.php
@ -29,7 +29,7 @@
 * @package Smarty
 */
-/* $Id: Config_File.class.php 3149 2009-05-23 20:59:25Z monte.ohrt $ */
+/* $Id$ */
 /**
 * Config file reading class
@ -73,7 +73,7 @@ class Config_File {
     *
     * @param string $config_path (optional) path to the config files
     */
-    function Config_File($config_path = NULL)
+    public function __construct($config_path = NULL)
    {
        if (isset($config_path))
            $this->set_path($config_path);
--- a/web/public_php/admin/smarty/Smarty.class.php
+++ b/web/public_php/admin/smarty/Smarty.class.php
@ -27,10 +27,10 @@
 * @author Monte Ohrt <monte at ohrt dot com>
 * @author Andrei Zmievski <andrei@php.net>
 * @package Smarty
- * @version 2.6.28
+ * @version 2.6.31-dev
 */
-/* $Id: Smarty.class.php 4660 2012-09-24 20:05:15Z uwe.tews@googlemail.com $ */
+/* $Id$ */
 /**
 * DIR_SEP isn't used anymore, but third party apps might
@ -465,7 +465,7 @@ class Smarty
     *
     * @var string
     */
-    var $_version              = '2.6.28';
+    var $_version              = '2.6.31';
    /**
     * current template inclusion depth
@ -562,11 +562,17 @@ class Smarty
     */
    var $_cache_including = false;
    /**
     * plugin filepath cache
     *
     * @var array
     */
    var $_filepaths_cache = array();
    /**#@-*/
    /**
     * The class constructor.
     */
-    function __construct()
+    public function __construct()
    {
      $this->assign('SCRIPT_NAME', isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME']
                    : @$GLOBALS['HTTP_SERVER_VARS']['SCRIPT_NAME']);
--- a/web/public_php/admin/smarty/Smarty_Compiler.class.php
+++ b/web/public_php/admin/smarty/Smarty_Compiler.class.php
@ -26,7 +26,7 @@
 * @package Smarty
 */
-/* $Id: Smarty_Compiler.class.php 4779 2013-09-30 19:14:32Z Uwe.Tews@googlemail.com $ */
+/* $Id$ */
 /**
 * Template compiling class
@ -78,10 +78,8 @@ class Smarty_Compiler extends Smarty {
    /**
     * The class constructor.
     */
-    function __construct()
+    public function __construct()
    {
        parent::__construct();
        // matches double quoted strings:
        // "foobar"
        // "foo\"bar"
@ -261,14 +259,10 @@ class Smarty_Compiler extends Smarty {
        preg_match_all($search, $source_content, $match,  PREG_SET_ORDER);
        $this->_folded_blocks = $match;
        reset($this->_folded_blocks);
        /* replace special blocks by "{php}" */
-        $source_content = preg_replace_callback($search, function($matches) {
+        $source_content = preg_replace_callback($search, array($this,'_preg_callback')
-            return $this->_quote_replace($this->left_delimiter).'php'.
+                                       , $source_content);
                str_repeat("\n", substr_count($matches[1], "\n")).
                $this->_quote_replace($this->right_delimiter);
        }, $source_content);
        /* Gather all template tags. */
        preg_match_all("~{$ldq}\s*(.*?)\s*{$rdq}~s", $source_content, $_match);
@ -557,7 +551,7 @@ class Smarty_Compiler extends Smarty {
            case 'php':
                /* handle folded tags replaced by {php} */
-                $block = current($this->_folded_blocks);
+                $block = array_shift($this->_folded_blocks);
                $this->_current_line_no += substr_count($block[0], "\n");
                /* the number of matched elements in the regexp in _compile_file()
                   determins the type of folded tag that was found */
@ -755,7 +749,12 @@ class Smarty_Compiler extends Smarty {
        return true;
    }
-
+    function _preg_callback ($matches) {
    return $this->_quote_replace($this->left_delimiter)
           . 'php'
           . str_repeat("\n", substr_count($matches[1], "\n"))
           . $this->_quote_replace($this->right_delimiter);
    }
    /**
     * compile custom function tag
     *
--- a/web/public_php/admin/smarty/internals/core.assemble_plugin_filepath.php
+++ b/web/public_php/admin/smarty/internals/core.assemble_plugin_filepath.php
@ -14,11 +14,9 @@
 */
 function smarty_core_assemble_plugin_filepath($params, &$smarty)
 {
    static $_filepaths_cache = array();
    $_plugin_filename = $params['type'] . '.' . $params['name'] . '.php';
-    if (isset($_filepaths_cache[$_plugin_filename])) {
+    if (isset($smarty->_filepaths_cache[$_plugin_filename])) {
-        return $_filepaths_cache[$_plugin_filename];
+        return $smarty->_filepaths_cache[$_plugin_filename];
    }
    $_return = false;
@ -58,7 +56,7 @@ function smarty_core_assemble_plugin_filepath($params, &$smarty)
            }
        }
    }
-    $_filepaths_cache[$_plugin_filename] = $_return;
+    $smarty->_filepaths_cache[$_plugin_filename] = $_return;
    return $_return;
 }
--- a/web/public_php/admin/smarty/plugins/function.math.php
+++ b/web/public_php/admin/smarty/plugins/function.math.php
@ -1,68 +1,96 @@
 <?php
 /**
 * Smarty plugin
 * This plugin is only for Smarty2 BC
 *
 * @package    Smarty
- * @subpackage plugins
+ * @subpackage PluginsFunction
 */
 /**
 * Smarty {math} function plugin
 *
 * Type:     function<br>
 * Name:     math<br>
- * Purpose:  handle math computations in template<br>
+ * Purpose:  handle math computations in template
- * @link http://smarty.php.net/manual/en/language.function.math.php {math}
+ *
 * @link     http://www.smarty.net/manual/en/language.function.math.php {math}
 *           (Smarty online manual)
 * @author   Monte Ohrt <monte at ohrt dot com>
- * @param array
+ *
 * @param array                    $params   parameters
 * @param Smarty
- * @return string
+ *
 * @return string|null
 */
 function smarty_function_math($params, &$smarty)
 {
    static $_allowed_funcs =
        array('int' => true, 'abs' => true, 'ceil' => true, 'cos' => true, 'exp' => true, 'floor' => true,
              'log' => true, 'log10' => true, 'max' => true, 'min' => true, 'pi' => true, 'pow' => true, 'rand' => true,
              'round' => true, 'sin' => true, 'sqrt' => true, 'srand' => true, 'tan' => true);
    // be sure equation parameter is present
    if (empty($params[ 'equation' ])) {
-        $smarty->trigger_error("math: missing equation parameter");
+        trigger_error("math: missing equation parameter", E_USER_WARNING);
        return;
    }
-    // strip out backticks, not necessary for math
+    $equation = $params[ 'equation' ];
    $equation = str_replace('`','',$params['equation']);
    // make sure parenthesis are balanced
    if (substr_count($equation, "(") != substr_count($equation, ")")) {
-        $smarty->trigger_error("math: unbalanced parenthesis");
+        trigger_error("math: unbalanced parenthesis", E_USER_WARNING);
        return;
    }
-    // match all vars in equation, make sure all are passed
+    // disallow backticks
-    preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]*)!",$equation, $match);
+    if (strpos($equation, '`') !== false) {
-    $allowed_funcs = array('int','abs','ceil','cos','exp','floor','log','log10',
+        trigger_error("math: backtick character not allowed in equation", E_USER_WARNING);
                           'max','min','pi','pow','rand','round','sin','sqrt','srand','tan');
    foreach($match[1] as $curr_var) {
        if ($curr_var && !in_array($curr_var, array_keys($params)) && !in_array($curr_var, $allowed_funcs)) {
            $smarty->trigger_error("math: function call $curr_var not allowed");
        return;
    }
    // also disallow dollar signs
    if (strpos($equation, '$') !== false) {
        trigger_error("math: dollar signs not allowed in equation", E_USER_WARNING);
        return;
    }
    foreach ($params as $key => $val) {
        if ($key != "equation" && $key != "format" && $key != "assign") {
            // make sure value is not empty
            if (strlen($val) == 0) {
-                $smarty->trigger_error("math: parameter $key is empty");
+                trigger_error("math: parameter '{$key}' is empty", E_USER_WARNING);
                return;
            }
            if (!is_numeric($val)) {
-                $smarty->trigger_error("math: parameter $key: is not numeric");
+                trigger_error("math: parameter '{$key}' is not numeric", E_USER_WARNING);
                return;
            }
            $equation = preg_replace("/\b$key\b/", " \$params['$key'] ", $equation);
        }
    }
    // match all vars in equation, make sure all are passed
    preg_match_all('!(?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)!', $equation, $match);
    foreach ($match[ 1 ] as $curr_var) {
        if ($curr_var && !isset($params[ $curr_var ]) && !isset($_allowed_funcs[ $curr_var ])) {
            trigger_error("math: function call '{$curr_var}' not allowed, or missing parameter '{$curr_var}'", E_USER_WARNING);
            return;
        }
    }
    foreach ($params as $key => $val) {
        if ($key != "equation" && $key != "format" && $key != "assign") {
            $equation = preg_replace("/\b$key\b/", " \$params['$key'] ", $equation);
        }
    }
    $smarty_math_result = null;
    eval("\$smarty_math_result = " . $equation . ";");
    if (empty($params[ 'format' ])) {
@ -79,7 +107,3 @@ function smarty_function_math($params, &$smarty)
        }
    }
 }
 /* vim: set expandtab: */
 ?>