Class Smarty_Security
This class does contain the security settings
Author: Uwe Tews
Located at wa-system/vendors/smarty3/sysplugins/smarty_security.php
public
|
|
public
boolean
|
|
public
boolean
|
#
isTrustedStaticClass( string $class_name, object $compiler, mixed $method = false )
Check if static class is trusted. |
public
boolean
|
|
public
boolean
|
|
public
boolean
|
|
public
boolean
|
|
public
boolean
|
|
public
boolean
|
|
public
boolean
|
public
integer
|
$php_handling |
|
#
This determines how Smarty handles "<?php ... ?>" tags in templates.
possible values:
|
protected
array
|
$secure_dir | array() |
#
This is the list of template directories that are considered secure. $template_dir is in this list implicitly. |
public
array
|
$trusted_dir | array() |
#
This is an array of directories where trusted php scripts reside. $security is disabled during their inclusion/execution. |
protected
array
|
$trusted_uri | array() |
#
List of regular expressions (PCRE) that include trusted URIs |
protected
array
|
$static_classes | array(
'waFiles',
'waSystem',
'waContactFields',
'waConfig',
'waUtils',
'waHtmlControl',
'waLog',
'waRequest::file'
) |
#
This is an array of trusted static classes. |
protected
array
|
$php_functions | array(
'eval', 'exec', 'system', 'popen', 'proc_open', 'shell_exec', 'passthru',
'file_put_contents', 'file_get_contents', 'fopen', 'file', 'fwrite', 'fputs', 'copy', 'rename', 'move_uploaded_file',
'link', 'symlink', 'unlink',
'call_user_func', 'call_user_func_array', 'create_function', 'call_user_method', 'call_user_method_array',
'preg_replace_callback', 'wa', 'wa_lambda', 'preg_replace', 'unserialize', 'serialize',
'get_defined_vars', 'get_defined_constants',
'array_map', 'array_walk', 'array_reduce', 'array_filter', 'usort', 'uksort', 'uasort', 'array_diff_uassoc', 'array_diff_ukey',
'array_udiff_assoc', 'array_udiff_uassoc', 'array_udiff', 'array_uintersect_assoc', 'array_uintersect_uassoc',
'array_intersect_uassoc', 'array_intersect_ukey',
'array_uintersect', 'array_walk', 'array_walk_recursive',
'func_get_args', 'func_get_arg', 'class_alias', 'iterator_apply',
'mysql_fetch_object', 'mysqli_fetch_object',
'dom_import_simplexml', 'simplexml_load_string', 'simplexml_load_file',
'spl_autoload_register', 'spl_autoload_call', 'sscanf', 'curl_init'
) |
#
This is an array of disabled PHP functions. |
protected
array
|
$php_modifiers | array() |
#
This is an array of trusted PHP modifiers. |
protected
array
|
$allowed_tags | array() |
#
This is an array of allowed tags. |
protected
array
|
$disabled_tags | array(
'setfilter'
) |
#
This is an array of disabled tags. |
protected
array
|
$allowed_modifiers | array() |
#
This is an array of allowed modifier plugins. |
protected
array
|
$disabled_modifiers | array() |
#
This is an array of disabled modifier plugins. |
protected
array
|
$streams | array('file') |
#
This is an array of trusted streams. |
public
boolean
|
$allow_constants | true |
#
|
public
boolean
|
$allow_super_globals | true |
#
|
protected
array
|
$_resource_dir | null |
#
Cache for $resource_dir lookups |
protected
array
|
$_template_dir | null |
#
Cache for $template_dir lookups |
protected
array
|
$_config_dir | null |
#
Cache for $config_dir lookups |
protected
array
|
$_secure_dir | null |
#
Cache for $secure_dir lookups |
protected
array
|
$_php_resource_dir | null |
#
Cache for $php_resource_dir lookups |
protected
array
|
$_trusted_dir | null |
#
Cache for $trusted_dir lookups |