Get Smarty

About Smarty

Resources

Links

Donate

Donate Bitcoin Bitcoin
Paypal

Smarty Icon

You may use the Smarty logo according to the trademark notice.

Smarty Template Engine Smarty Template Engine

For sponsorship, advertising, news or other inquiries, contact us at:

Check reviews of PHP Web Hosting, compatible with Smarty Templates

$security
Prev  Chapter 12. Smarty Class Variables  Next

$security

$security can be TRUE or FALSE, defaults to FALSE. Security is good for situations when you have untrusted parties editing the templates eg via ftp, and you want to reduce the risk of system security compromises through the template language. Turning on security enforces the following rules to the template language, unless specifially overridden with $security_settings:

  • If $php_handling is set to SMARTY_PHP_ALLOW, this is implicitly changed to SMARTY_PHP_PASSTHRU

  • PHP functions are not allowed in {if} statements, except those specified in the $security_settings

  • Templates can only be included from directories listed in the $secure_dir array

  • Local files can only be fetched from directories listed in the $secure_dir array using {fetch}

  • {php}{/php} tags are not allowed

  • PHP functions are not allowed as modifiers, except those specified in the $security_settings

Prev  Up  Next
$php_handling  Home  $secure_dir
Comments
No comments for this page.
Post a Comment
All comments are moderated. Support questions are ignored, use the forums instead.
Author:
Email: (not shown)
What is 13 plus 19? (Are you human?)

Sponsors [info]

Cheap Website Hosting @hostdone.com
email marketing @ActiveCampaign
I.T Certification Exams @pass-guaranteed.com
Certification Practice Tests @firsttrycertify.com
Certification Practice Exam Questions @ace-it-certifications.com
Broadband Providers @broadbandproviders.co.uk
bulk email software @americaint.com
ASP.NET hosting @aspnethosting.co.uk