ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
CheckSecurity.php
Go to the documentation of this file.
1<?php
2
3/*
4 * This file is part of Twig.
5 *
6 * (c) Fabien Potencier
7 *
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
10 */
11
16{
17 protected $usedFilters;
18 protected $usedTags;
19 protected $usedFunctions;
20
21 public function __construct(array $usedFilters, array $usedTags, array $usedFunctions)
22 {
23 $this->usedFilters = $usedFilters;
24 $this->usedTags = $usedTags;
25 $this->usedFunctions = $usedFunctions;
26
27 parent::__construct();
28 }
29
30 public function compile(Twig_Compiler $compiler)
31 {
32 $tags = $filters = $functions = array();
33 foreach (array('tags', 'filters', 'functions') as $type) {
34 foreach ($this->{'used'.ucfirst($type)} as $name => $node) {
35 if ($node instanceof Twig_Node) {
36 ${$type}[$name] = $node->getTemplateLine();
37 } else {
38 ${$type}[$node] = null;
39 }
40 }
41 }
42
43 $compiler
44 ->write('$tags = ')->repr(array_filter($tags))->raw(";\n")
45 ->write('$filters = ')->repr(array_filter($filters))->raw(";\n")
46 ->write('$functions = ')->repr(array_filter($functions))->raw(";\n\n")
47 ->write("try {\n")
48 ->indent()
49 ->write("\$this->env->getExtension('Twig_Extension_Sandbox')->checkSecurity(\n")
50 ->indent()
51 ->write(!$tags ? "array(),\n" : "array('".implode("', '", array_keys($tags))."'),\n")
52 ->write(!$filters ? "array(),\n" : "array('".implode("', '", array_keys($filters))."'),\n")
53 ->write(!$functions ? "array()\n" : "array('".implode("', '", array_keys($functions))."')\n")
54 ->outdent()
55 ->write(");\n")
56 ->outdent()
57 ->write("} catch (Twig_Sandbox_SecurityError \$e) {\n")
58 ->indent()
59 ->write("\$e->setSourceContext(\$this->getSourceContext());\n\n")
60 ->write("if (\$e instanceof Twig_Sandbox_SecurityNotAllowedTagError && isset(\$tags[\$e->getTagName()])) {\n")
61 ->indent()
62 ->write("\$e->setTemplateLine(\$tags[\$e->getTagName()]);\n")
63 ->outdent()
64 ->write("} elseif (\$e instanceof Twig_Sandbox_SecurityNotAllowedFilterError && isset(\$filters[\$e->getFilterName()])) {\n")
65 ->indent()
66 ->write("\$e->setTemplateLine(\$filters[\$e->getFilterName()]);\n")
67 ->outdent()
68 ->write("} elseif (\$e instanceof Twig_Sandbox_SecurityNotAllowedFunctionError && isset(\$functions[\$e->getFunctionName()])) {\n")
69 ->indent()
70 ->write("\$e->setTemplateLine(\$functions[\$e->getFunctionName()]);\n")
71 ->outdent()
72 ->write("}\n\n")
73 ->write("throw \$e;\n")
74 ->outdent()
75 ->write("}\n\n")
76 ;
77 }
78}
79
80class_alias('Twig_Node_CheckSecurity', 'Twig\Node\CheckSecurityNode', false);
An exception for terminatinating execution or to throw for unit testing.
Compiles a node to PHP code.
Definition: Compiler.php:19
write()
Writes a string to the compiled code by adding indentation.
Definition: Compiler.php:124
compile(Twig_Compiler $compiler)
Compiles the node to PHP.
__construct(array $usedFilters, array $usedTags, array $usedFunctions)
Represents a node in the AST.
Definition: Node.php:19
$tags
Definition: croninfo.php:19
$type