PEEL Shopping
Open source ecommerce : PEEL Shopping
Public Member Functions | Data Fields | Protected Attributes
Smarty_Security Class Reference

This class does contain the security settings. More...

Public Member Functions

 __construct ($smarty)
 
 isTrustedPhpFunction ($function_name, $compiler)
 Check if PHP function is trusted. More...
 
 isTrustedStaticClass ($class_name, $compiler)
 Check if static class is trusted. More...
 
 isTrustedPhpModifier ($modifier_name, $compiler)
 Check if PHP modifier is trusted. More...
 
 isTrustedTag ($tag_name, $compiler)
 Check if tag is trusted. More...
 
 isTrustedModifier ($modifier_name, $compiler)
 Check if modifier plugin is trusted. More...
 
 isTrustedStream ($stream_name)
 Check if stream is trusted. More...
 
 isTrustedResourceDir ($filepath)
 Check if directory of file resource is trusted. More...
 
 isTrustedUri ($uri)
 Check if URI (e.g. More...
 
 isTrustedPHPDir ($filepath)
 Check if directory of file resource is trusted. More...
 

Data Fields

 $php_handling = Smarty::PHP_PASSTHRU
 
 $secure_dir = array()
 
 $trusted_dir = array()
 
 $trusted_uri = array()
 
 $static_classes = array()
 
 $php_functions
 
 $php_modifiers
 
 $allowed_tags = array()
 
 $disabled_tags = array()
 
 $allowed_modifiers = array()
 
 $disabled_modifiers = array()
 
 $streams = array('file')
 
 $allow_constants = true
 
 $allow_super_globals = true
 

Protected Attributes

 $_resource_dir = null
 
 $_template_dir = null
 
 $_config_dir = null
 
 $_secure_dir = null
 
 $_php_resource_dir = null
 
 $_trusted_dir = null
 

Detailed Description

This class does contain the security settings.

Definition at line 22 of file smarty_security.php.

Constructor & Destructor Documentation

__construct (   $smarty)
Parameters
Smarty$smarty

Definition at line 172 of file smarty_security.php.

Member Function Documentation

isTrustedModifier (   $modifier_name,
  $compiler 
)

Check if modifier plugin is trusted.

Parameters
string$modifier_name
object$compilercompiler object
Returns
boolean true if tag is trusted
Exceptions
SmartyCompilerExceptionif modifier is not trusted

Definition at line 269 of file smarty_security.php.

isTrustedPHPDir (   $filepath)

Check if directory of file resource is trusted.

Parameters
string$filepath
Returns
boolean true if directory is trusted
Exceptions
SmartyExceptionif PHP directory is not trusted

Definition at line 417 of file smarty_security.php.

isTrustedPhpFunction (   $function_name,
  $compiler 
)

Check if PHP function is trusted.

Parameters
string$function_name
object$compilercompiler object
Returns
boolean true if function is trusted
Exceptions
SmartyCompilerExceptionif php function is not trusted

Definition at line 185 of file smarty_security.php.

isTrustedPhpModifier (   $modifier_name,
  $compiler 
)

Check if PHP modifier is trusted.

Parameters
string$modifier_name
object$compilercompiler object
Returns
boolean true if modifier is trusted
Exceptions
SmartyCompilerExceptionif modifier is not trusted

Definition at line 221 of file smarty_security.php.

isTrustedResourceDir (   $filepath)

Check if directory of file resource is trusted.

Parameters
string$filepath
Returns
boolean true if directory is trusted
Exceptions
SmartyExceptionif directory is not trusted

Definition at line 313 of file smarty_security.php.

isTrustedStaticClass (   $class_name,
  $compiler 
)

Check if static class is trusted.

Parameters
string$class_name
object$compilercompiler object
Returns
boolean true if class is trusted
Exceptions
SmartyCompilerExceptionif static class is not trusted

Definition at line 203 of file smarty_security.php.

isTrustedStream (   $stream_name)

Check if stream is trusted.

Parameters
string$stream_name
Returns
boolean true if stream is trusted
Exceptions
SmartyExceptionif stream is not trusted

Definition at line 297 of file smarty_security.php.

isTrustedTag (   $tag_name,
  $compiler 
)

Check if tag is trusted.

Parameters
string$tag_name
object$compilercompiler object
Returns
boolean true if tag is trusted
Exceptions
SmartyCompilerExceptionif modifier is not trusted

Definition at line 239 of file smarty_security.php.

isTrustedUri (   $uri)

Check if URI (e.g.

{fetch} or {html_image}) is trusted

To simplify things, isTrustedUri() resolves all input to "{$PROTOCOL}://{$HOSTNAME}". So "http://username:password@hello.world.example.org:8080/some-path?some=query-string" is reduced to "http://hello.world.example.org" prior to applying the patters from $trusted_uri.

Parameters
string$uri
Returns
boolean true if URI is trusted
Exceptions
SmartyExceptionif URI is not trusted $trusted_uri for list of patterns to match against $uri

Definition at line 395 of file smarty_security.php.

Field Documentation

$_config_dir = null
protected

Definition at line 151 of file smarty_security.php.

$_php_resource_dir = null
protected

Definition at line 161 of file smarty_security.php.

$_resource_dir = null
protected

Definition at line 141 of file smarty_security.php.

$_secure_dir = null
protected

Definition at line 156 of file smarty_security.php.

$_template_dir = null
protected

Definition at line 146 of file smarty_security.php.

$_trusted_dir = null
protected

Definition at line 166 of file smarty_security.php.

$allow_constants = true

Definition at line 130 of file smarty_security.php.

$allow_super_globals = true

Definition at line 135 of file smarty_security.php.

$allowed_modifiers = array()

Definition at line 110 of file smarty_security.php.

$allowed_tags = array()

Definition at line 96 of file smarty_security.php.

$disabled_modifiers = array()

Definition at line 117 of file smarty_security.php.

$disabled_tags = array()

Definition at line 103 of file smarty_security.php.

$php_functions
Initial value:
= array(
'isset', 'empty',
'count', 'sizeof',
'in_array', 'is_array',
'time',
'nl2br',
)

Definition at line 72 of file smarty_security.php.

$php_handling = Smarty::PHP_PASSTHRU

Definition at line 36 of file smarty_security.php.

$php_modifiers
Initial value:
= array(
'escape',
'count'
)

Definition at line 86 of file smarty_security.php.

$secure_dir = array()

Definition at line 43 of file smarty_security.php.

$static_classes = array()

Definition at line 64 of file smarty_security.php.

$streams = array('file')

Definition at line 125 of file smarty_security.php.

$trusted_dir = array()

Definition at line 50 of file smarty_security.php.

$trusted_uri = array()

Definition at line 56 of file smarty_security.php.

The documentation for this class was generated from the following file:

This documentation for Open ecommerce PEEL Shopping and PEEL.fr has been generated by Doxygen on Thu Oct 15 2015 14:41:44 - Peel ecommerce is a product of Agence web Advisto SAS. All rights reserved.