Smarty Forum Index Smarty
The discussions here are for Smarty, a template engine for the PHP programming language.
Problem with compile filepath
Goto page Previous  1, 2, 3
 
Post new topic   Reply to topic    Smarty Forum Index -> Smarty Development
View previous topic :: View next topic  
Author Message
rodneyrehm
Administrator


Joined: 30 Mar 2007
Posts: 698
Location: Germany, border to Switzerland

PostPosted: Fri Jul 08, 2011 8:14 am    Post subject: Reply with quote

Loki wrote:
globe wrote:
$smarty->template_dir is an array.

include_path in php.ini also contents several paths and it works well. So it's strange argument about an array.


Well, you know how an array (yes, even the include_path) is to be handled? Iterate through it. Not very fast. And not very tansparent, as you can't know where you end up. Have a look at the following structure:

Code:
/bar/bar.tpl
/templates/foo.tpl
/templates/bar/bar.tpl
/templates/alpha/foo.tpl
/templates/alpha/bar/bar.tpl
and
Code:
$smarty->setTemplateDir(array(
  '/templates/alpha',
  '/templates/',
));


If you'd call $smarty->fetch('../bar/bar.tpl'); - which file would you expect to hit? /bar/bar.tpl or /template/bar/bar.tpl?

Why would you even want to hit /bar/bar.tpl? it is not in your tempalte_dir - which may be a security issue!
Back to top
View user's profile Send private message Visit poster's website
Loki
Smarty Rookie


Joined: 13 Jan 2011
Posts: 30

PostPosted: Fri Jul 08, 2011 8:29 am    Post subject: Reply with quote

Code:

/templates/bar.tpl
/templates/alpha/bar.tpl

and
Code:

$smarty->setTemplateDir(array(
  '/templates/alpha',
  '/templates/',
));

If you'd call $smarty->fetch('bar.tpl'); - which file would you expect to hit? /templates/bar.tpl or /templates/alpha/bar.tpl?

I i haven't see difference between your example and mine. It's still not very transparent and still not very fast and still iterate one by one.
Back to top
View user's profile Send private message
rodneyrehm
Administrator


Joined: 30 Mar 2007
Posts: 698
Location: Germany, border to Switzerland

PostPosted: Fri Jul 08, 2011 8:37 am    Post subject: Reply with quote

My point was, that with a ../ you can break out of the current template_dir. You could either end up in another template_dir or somewhere else entirely. And that poses a problem.
Back to top
View user's profile Send private message Visit poster's website
Loki
Smarty Rookie


Joined: 13 Jan 2011
Posts: 30

PostPosted: Fri Jul 08, 2011 8:52 am    Post subject: Reply with quote

I understand you.
But you are not banned using the relative path starting with ../ in the tempaltes.
Maybe better way to use something like open_basedir in php.ini?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Smarty Forum Index -> Smarty Development All times are GMT
Goto page Previous  1, 2, 3
Page 3 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP