diff options
| -rw-r--r-- | phpBB/includes/template/compile.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/template/filter.php | 25 | ||||
| -rw-r--r-- | phpBB/includes/template/template.php | 2 | ||||
| -rw-r--r-- | tests/template/includephp_test.php | 8 | ||||
| -rw-r--r-- | tests/template/subdir/includephp_from_subdir_test.php | 4 | ||||
| -rw-r--r-- | tests/template/template_compile_test.php | 2 | ||||
| -rw-r--r-- | tests/template/template_test.php | 4 | ||||
| -rw-r--r-- | tests/template/template_test_case.php | 16 |
8 files changed, 46 insertions, 29 deletions
diff --git a/phpBB/includes/template/compile.php b/phpBB/includes/template/compile.php index 59ab9e654e..647e8ccf8a 100644 --- a/phpBB/includes/template/compile.php +++ b/phpBB/includes/template/compile.php @@ -26,6 +26,18 @@ stream_filter_register('phpbb_template', 'phpbb_template_filter'); class phpbb_template_compile { /** + * Whether <!-- PHP --> tags are allowed + * + * @var bool + */ + private $allow_php; + + public function __construct($allow_php) + { + $this->allow_php = $allow_php; + } + + /** * Compiles template in $source_file and writes compiled template to * cache directory * @param string $handle Template handle to compile @@ -96,7 +108,7 @@ class phpbb_template_compile */ private function compile_stream_to_stream($source_stream, $dest_stream) { - stream_filter_append($source_stream, 'phpbb_template'); + stream_filter_append($source_stream, 'phpbb_template', null, array('allow_php' => $this->allow_php)); stream_copy_to_stream($source_stream, $dest_stream); } } diff --git a/phpBB/includes/template/filter.php b/phpBB/includes/template/filter.php index c0943ae8c0..42700500a7 100644 --- a/phpBB/includes/template/filter.php +++ b/phpBB/includes/template/filter.php @@ -65,6 +65,18 @@ class phpbb_template_filter extends php_user_filter */ private $in_php; + /** + * Whether <!-- PHP --> tags are allowed + * + * @var bool + */ + private $allow_php; + + public function __construct($allow_php) + { + $this->allow_php = $allow_php; + } + public function filter($in, $out, &$consumed, $closing) { $written = false; @@ -111,6 +123,7 @@ class phpbb_template_filter extends php_user_filter { $this->chunk = ''; $this->in_php = false; + $this->allow_php = $this->params['allow_php']; return true; } @@ -121,10 +134,8 @@ class phpbb_template_filter extends php_user_filter $data = preg_replace('#<(?:[\\?%]|script)#s', '<?php echo\'\\0\';?>', $data); $data = preg_replace_callback(self::REGEX_TOKENS, array($this, 'replace'), $data); - global $config; - // Remove php - if (!$config['tpl_allow_php']) + if (!$this->allow_php) { if ($block_start_in_php && $this->in_php @@ -195,8 +206,6 @@ class phpbb_template_filter extends php_user_filter return $this->compile_var_tags($matches[0]); } - global $config; - switch ($matches[1]) { case 'BEGIN': @@ -243,11 +252,11 @@ class phpbb_template_filter extends php_user_filter break; case 'INCLUDEPHP': - return ($config['tpl_allow_php']) ? '<?php ' . $this->compile_tag_include_php($matches[2]) . ' ?>' : ''; + return ($this->allow_php) ? '<?php ' . $this->compile_tag_include_php($matches[2]) . ' ?>' : ''; break; case 'PHP': - if ($config['tpl_allow_php']) + if ($this->allow_php) { $this->in_php = true; return '<?php '; @@ -256,7 +265,7 @@ class phpbb_template_filter extends php_user_filter break; case 'ENDPHP': - if ($config['tpl_allow_php']) + if ($this->allow_php) { $this->in_php = false; return ' ?>'; diff --git a/phpBB/includes/template/template.php b/phpBB/includes/template/template.php index 935605b12a..2c121d7247 100644 --- a/phpBB/includes/template/template.php +++ b/phpBB/includes/template/template.php @@ -376,7 +376,7 @@ class phpbb_template $source_file = $this->_source_file_for_handle($handle); - $compile = new phpbb_template_compile(); + $compile = new phpbb_template_compile($this->config['tpl_allow_php']); $output_file = $this->_compiled_file_for_handle($handle); if ($compile->compile_file_to_file($source_file, $output_file) !== false) diff --git a/tests/template/includephp_test.php b/tests/template/includephp_test.php index 45dc8dc39e..64240e1be8 100644 --- a/tests/template/includephp_test.php +++ b/tests/template/includephp_test.php @@ -13,7 +13,7 @@ class phpbb_template_includephp_test extends phpbb_template_template_test_case { public function test_includephp_relative() { - $GLOBALS['config']['tpl_allow_php'] = true; + $this->setup_engine(array('tpl_allow_php' => true)); $cache_file = $this->template->cachepath . 'includephp_relative.html.php'; @@ -21,8 +21,6 @@ class phpbb_template_includephp_test extends phpbb_template_template_test_case $this->template->set_filenames(array('test' => 'includephp_relative.html')); $this->assertEquals("Path is relative to board root.\ntesting included php", $this->display('test'), "Testing INCLUDEPHP"); - - $GLOBALS['config']['tpl_allow_php'] = false; } public function test_includephp_absolute() @@ -36,7 +34,7 @@ class phpbb_template_includephp_test extends phpbb_template_template_test_case fputs($fp, $template_text); fclose($fp); - $GLOBALS['config']['tpl_allow_php'] = true; + $this->setup_engine(array('tpl_allow_php' => true)); $this->template->set_custom_template($cache_dir, 'tests'); $cache_file = $this->template->cachepath . 'includephp_absolute.html.php'; @@ -45,7 +43,5 @@ class phpbb_template_includephp_test extends phpbb_template_template_test_case $this->template->set_filenames(array('test' => 'includephp_absolute.html')); $this->assertEquals("Path is absolute.\ntesting included php", $this->display('test'), "Testing INCLUDEPHP"); - - $GLOBALS['config']['tpl_allow_php'] = false; } } diff --git a/tests/template/subdir/includephp_from_subdir_test.php b/tests/template/subdir/includephp_from_subdir_test.php index d6148c7032..3cc632485d 100644 --- a/tests/template/subdir/includephp_from_subdir_test.php +++ b/tests/template/subdir/includephp_from_subdir_test.php @@ -17,7 +17,7 @@ class phpbb_template_subdir_includephp_from_subdir_test extends phpbb_template_t // board root. public function test_includephp_relative() { - $GLOBALS['config']['tpl_allow_php'] = true; + $this->setup_engine(array('tpl_allow_php' => true)); $cache_file = $this->template->cachepath . 'includephp_relative.html.php'; @@ -25,7 +25,5 @@ class phpbb_template_subdir_includephp_from_subdir_test extends phpbb_template_t $this->template->set_filenames(array('test' => 'includephp_relative.html')); $this->assertEquals("Path is relative to board root.\ntesting included php", $this->display('test'), "Testing INCLUDEPHP"); - - $GLOBALS['config']['tpl_allow_php'] = false; } } diff --git a/tests/template/template_compile_test.php b/tests/template/template_compile_test.php index 769c7c2680..8c136c9985 100644 --- a/tests/template/template_compile_test.php +++ b/tests/template/template_compile_test.php @@ -16,7 +16,7 @@ class phpbb_template_template_compile_test extends phpbb_test_case protected function setUp() { - $this->template_compile = new phpbb_template_compile(); + $this->template_compile = new phpbb_template_compile(false); $this->template_path = dirname(__FILE__) . '/templates'; } diff --git a/tests/template/template_test.php b/tests/template/template_test.php index 71cf9d38f3..df3f927c22 100644 --- a/tests/template/template_test.php +++ b/tests/template/template_test.php @@ -328,15 +328,13 @@ class phpbb_template_template_test extends phpbb_template_template_test_case public function test_php() { - $GLOBALS['config']['tpl_allow_php'] = true; + $this->setup_engine(array('tpl_allow_php' => true)); $cache_file = $this->template->cachepath . 'php.html.php'; $this->assertFileNotExists($cache_file); $this->run_template('php.html', array(), array(), array(), 'test', $cache_file); - - $GLOBALS['config']['tpl_allow_php'] = false; } public static function alter_block_array_data() diff --git a/tests/template/template_test_case.php b/tests/template/template_test_case.php index cab1aa3d4f..ed5afdc643 100644 --- a/tests/template/template_test_case.php +++ b/tests/template/template_test_case.php @@ -29,9 +29,16 @@ class phpbb_template_template_test_case extends phpbb_test_case return str_replace("\n\n", "\n", implode("\n", array_map('trim', explode("\n", trim($result))))); } - protected function setup_engine() + protected function setup_engine(array $new_config = array()) { - global $phpbb_root_path, $phpEx, $config, $user; + global $phpbb_root_path, $phpEx, $user; + + $defaults = array( + 'load_tplcompile' => true, + 'tpl_allow_php' => false, + ); + + $config = new phpbb_config(array_merge($defaults, $new_config)); $this->template_path = dirname(__FILE__) . '/templates'; $this->template = new phpbb_template($phpbb_root_path, $phpEx, $config, $user); @@ -53,10 +60,7 @@ class phpbb_template_template_test_case extends phpbb_test_case unlink($file); } - $GLOBALS['config'] = array( - 'load_tplcompile' => true, - 'tpl_allow_php' => false, - ); + $this->setup_engine(); } protected function tearDown() |