ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
CheckSecurity.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of Twig.
5  *
6  * (c) Fabien Potencier
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11 
15 class Twig_Node_CheckSecurity extends Twig_Node
16 {
17  protected $usedFilters;
18  protected $usedTags;
19  protected $usedFunctions;
20 
21  public function __construct(array $usedFilters, array $usedTags, array $usedFunctions)
22  {
23  $this->usedFilters = $usedFilters;
24  $this->usedTags = $usedTags;
25  $this->usedFunctions = $usedFunctions;
26 
27  parent::__construct();
28  }
29 
30  public function compile(Twig_Compiler $compiler)
31  {
32  $tags = $filters = $functions = array();
33  foreach (array('tags', 'filters', 'functions') as $type) {
34  foreach ($this->{'used'.ucfirst($type)} as $name => $node) {
35  if ($node instanceof Twig_Node) {
36  ${$type}[$name] = $node->getTemplateLine();
37  } else {
38  ${$type}[$node] = null;
39  }
40  }
41  }
42 
43  $compiler
44  ->write('$tags = ')->repr(array_filter($tags))->raw(";\n")
45  ->write('$filters = ')->repr(array_filter($filters))->raw(";\n")
46  ->write('$functions = ')->repr(array_filter($functions))->raw(";\n\n")
47  ->write("try {\n")
48  ->indent()
49  ->write("\$this->env->getExtension('Twig_Extension_Sandbox')->checkSecurity(\n")
50  ->indent()
51  ->write(!$tags ? "array(),\n" : "array('".implode("', '", array_keys($tags))."'),\n")
52  ->write(!$filters ? "array(),\n" : "array('".implode("', '", array_keys($filters))."'),\n")
53  ->write(!$functions ? "array()\n" : "array('".implode("', '", array_keys($functions))."')\n")
54  ->outdent()
55  ->write(");\n")
56  ->outdent()
57  ->write("} catch (Twig_Sandbox_SecurityError \$e) {\n")
58  ->indent()
59  ->write("\$e->setSourceContext(\$this->getSourceContext());\n\n")
60  ->write("if (\$e instanceof Twig_Sandbox_SecurityNotAllowedTagError && isset(\$tags[\$e->getTagName()])) {\n")
61  ->indent()
62  ->write("\$e->setTemplateLine(\$tags[\$e->getTagName()]);\n")
63  ->outdent()
64  ->write("} elseif (\$e instanceof Twig_Sandbox_SecurityNotAllowedFilterError && isset(\$filters[\$e->getFilterName()])) {\n")
65  ->indent()
66  ->write("\$e->setTemplateLine(\$filters[\$e->getFilterName()]);\n")
67  ->outdent()
68  ->write("} elseif (\$e instanceof Twig_Sandbox_SecurityNotAllowedFunctionError && isset(\$functions[\$e->getFunctionName()])) {\n")
69  ->indent()
70  ->write("\$e->setTemplateLine(\$functions[\$e->getFunctionName()]);\n")
71  ->outdent()
72  ->write("}\n\n")
73  ->write("throw \$e;\n")
74  ->outdent()
75  ->write("}\n\n")
76  ;
77  }
78 }
79 
80 class_alias('Twig_Node_CheckSecurity', 'Twig\Node\CheckSecurityNode', false);
Twig_Node
Represents a node in the AST.
Definition: Node.php:18
$type
$type
Definition: proxy_ylocal.php:10
Twig_Node_CheckSecurity\compile
compile(Twig_Compiler $compiler)
Compiles the node to PHP.
Definition: CheckSecurity.php:30
Twig_Node_CheckSecurity\$usedFunctions
$usedFunctions
Definition: CheckSecurity.php:19
Twig_Node\$name
$name
Definition: Node.php:25
Twig_Node_CheckSecurity\$usedTags
$usedTags
Definition: CheckSecurity.php:18
Twig_Node_CheckSecurity
Definition: CheckSecurity.php:15
$tags
$tags
Definition: croninfo.php:19
Twig_Node_CheckSecurity\__construct
__construct(array $usedFilters, array $usedTags, array $usedFunctions)
Definition: CheckSecurity.php:21
Twig_Node_CheckSecurity\$usedFilters
$usedFilters
Definition: CheckSecurity.php:17
Twig_Compiler
Twig_Compiler\write
write()
Writes a string to the compiled code by adding indentation.
Definition: Compiler.php:124