[pLog-svn] r1203 - in plog/trunk: . class/template localetemplates/admin templates/summary

Mark Wu markplace at gmail.com
Sat Feb 26 16:14:27 GMT 2005


Wow, I just see the impact by this patch, some plugins can not work well,
unless I turn on this option. :(

So, it only restict to {php}{/php} or also inlcude {literal}{/literal} or
others? Lik {include ..}

Mark

-----Original Message-----
From: plog-svn-bounces at devel.plogworld.net
[mailto:plog-svn-bounces at devel.plogworld.net] On Behalf Of
oscar at devel.plogworld.net
Sent: Thursday, February 24, 2005 11:22 PM
To: plog-svn at devel.plogworld.net
Subject: [pLog-svn] r1203 - in plog/trunk: . class/template
localetemplates/admin templates/summary

Author: oscar
Date: 2005-02-24 15:21:56 +0000 (Thu, 24 Feb 2005) New Revision: 1203

Modified:
   plog/trunk/class/template/template.class.php
   plog/trunk/locale/locale_en_UK.php
   plog/trunk/templates/admin/globalsettings_templates.template
   plog/trunk/templates/summary/pager.template
   plog/trunk/wizard.php
Log:
now php code is not allowed by default in smarty templates. In order to
reenable this feature, set administration->global settings->template
settings->allow_php_code_in_templates
to true.
A new locale string was needed (help_allow_php_code_in_templates) and the
wizard has also been modified in order to add this new setting to the
plog_config table.


Modified: plog/trunk/class/template/template.class.php
===================================================================
--- plog/trunk/class/template/template.class.php	2005-02-24 08:17:09
UTC (rev 1202)
+++ plog/trunk/class/template/template.class.php	2005-02-24 15:21:56
UTC (rev 1203)
@@ -51,6 +51,14 @@
 
             // enable the security settings
             $this->php_handling = false;
+            // code is not allowed in the templates by default, unless
specified otherwise
+            /*if( $config->getValue( 'allow_php_code_in_templates', false
))
+            	$this->security = true;
+            else
+            	$this->security = false;*/
+            	
+            $this->security = (boolean)!$config->getValue(
'allow_php_code_in_templates', false );
+            //$this->security = true;
 
             // default folders
             $this->compile_dir  = $config->getValue( 'temp_folder' );

Modified: plog/trunk/locale/locale_en_UK.php
===================================================================
--- plog/trunk/locale/locale_en_UK.php	2005-02-24 08:17:09 UTC (rev 1202)
+++ plog/trunk/locale/locale_en_UK.php	2005-02-24 15:21:56 UTC (rev 1203)
@@ -724,6 +724,7 @@
 $messages['help_template_cache_enabled'] = 'Enable the template cache. If
enabled, the cached version of a page will be used whenever possible. No
data will need to be fetched from the database and templates will not need
to be recompiled';  $messages['help_template_cache_lifetime'] = 'Lifetime in
seconds of the cache. Set to -1 to force the cache to never expire. If set
to 0, the cache will be disabled but it is recommended to set
template_cache_enabled to "No" in order to disable the cache';
$messages['help_template_http_cache_enabled'] = 'Enable support for HTTP
conditional requests. If enabled, pLog will take the "If-Modified-Since"
HTTP header into account and send only content if strictly needed. Enable
this to save bandwidth';
+$messages['help_allow_php_code_in_templates'] = 'Allows to embed native 
+PHP code in Smarty templates inside {php}...{/php} blocks';
 // urls
 $messages['help_request_format_mode'] = 'Select one of the available URL
format. If using custom URLs, make sure to configure the settings below';
$messages['plain'] = 'Plain';

Modified: plog/trunk/templates/admin/globalsettings_templates.template
===================================================================
--- plog/trunk/templates/admin/globalsettings_templates.template
2005-02-24 08:17:09 UTC (rev 1202)
+++ plog/trunk/templates/admin/globalsettings_templates.template
2005-02-24 15:21:56 UTC (rev 1203)
@@ -25,6 +25,13 @@
     <input class="radio" type="radio" id="config[users_can_add_templates]"
name="config[users_can_add_templates]" value="1" {if
$users_can_add_templates == 1 } checked="checked" {/if}
/>{$locale->tr("yes")}
     <input class="radio" type="radio" id="config[users_can_add_templates]"
name="config[users_can_add_templates]" value="0" {if
$users_can_add_templates == 0 } checked="checked" {/if}
/>{$locale->tr("no")}
    </div>
+   <!-- allow_php_code_in_templates -->
+   <div class="field">
+    <label
for="config[allow_php_code_in_templates]">allow_php_code_in_templates</label
>
+    <div
class="formHelp">{$locale->tr("help_allow_php_code_in_templates")}</div>
+    <input class="radio" type="radio"
id="config[allow_php_code_in_templates]"
name="config[allow_php_code_in_templates]" value="1" {if
$allow_php_code_in_templates == 1 } checked="checked" {/if}
/>{$locale->tr("yes")}
+    <input class="radio" type="radio"
id="config[allow_php_code_in_templates]"
name="config[allow_php_code_in_templates]" value="0" {if
$allow_php_code_in_templates == 0 } checked="checked" {/if}
/>{$locale->tr("no")}
+   </div>   
    <!-- template_compile_check -->
    <div class="field">
     <label
for="config[template_compile_check]">template_compile_check</label>

Modified: plog/trunk/templates/summary/pager.template
===================================================================
--- plog/trunk/templates/summary/pager.template	2005-02-24 08:17:09 UTC (rev
1202)
+++ plog/trunk/templates/summary/pager.template	2005-02-24 15:21:56 UTC (rev
1203)
@@ -1,4 +1,4 @@
-{if $style=="list" || style==""}
+{if $style=="list" || $style==""}
 	<script type="text/javascript">
 		{literal}
 		function onPagerListChange(list) 

Modified: plog/trunk/wizard.php
===================================================================
--- plog/trunk/wizard.php	2005-02-24 08:17:09 UTC (rev 1202)
+++ plog/trunk/wizard.php	2005-02-24 15:21:56 UTC (rev 1203)
@@ -626,6 +626,7 @@
 $Inserts[107] = "INSERT INTO {dbprefix}config (config_key, config_value,
value_type) VALUES('template_http_cache_enabled', '0', 1);";  $Inserts[108]
= "INSERT INTO {dbprefix}config (config_key, config_value, value_type)
VALUES('template_compile_check', '1', 1);";  $Inserts[109] = "INSERT INTO
{dbprefix}config (config_key, config_value, value_type)
VALUES('update_cached_article_reads', '1', 1);";
+$Inserts[110] = "INSERT INTO {dbprefix}config (config_key, 
+config_value, value_type) VALUES('allow_php_code_in_templates', '0', 
+1);";
 
 
 	/**
@@ -1397,7 +1398,7 @@
             // ---
             // add the new configuration settings that were added for 1.0
             // ---
-            $newSettings = range( 71, 109 );
+            $newSettings = range( 71, 110 );
             foreach( $newSettings as $settingId ) {
                 $setting = $Inserts[$settingId];
                 $query = str_replace( "{dbprefix}", $this->_dbPrefix,
$setting );

_______________________________________________
pLog-svn mailing list
pLog-svn at devel.plogworld.net
http://devel.plogworld.net/mailman/listinfo/plog-svn




More information about the pLog-svn mailing list