Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.

Delimiters (again)

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General
View previous topic :: View next topic  
Author Message
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106

PostPosted: Sat Aug 09, 2003 12:08 am    Post subject: Delimiters (again) Reply with quote

Hi,
I just read this about delimiters, and I also have the problem with including some files that have JS and CSS examples inthe HTML. Not as part of the <script> or <style> elements, but for examples, tutorials etc.

The tuts should share the same page template, designed with love and passion, and bloaded with { } for the regular Smarty vars Wink,
As I "know" that some tutorial will contain { and } in the content, I'm curious if I could change the delimiters on the fly:[php:1:d8ad4d9513]<?php
// change for the tutorial
$smarty->left_delimiter = '<{';
$smarty->right_delimiter = '}>';
$TutContent = $smarty->fetch('tuto1.html')
// revert for the other templates
$smarty->left_delimiter = '{';
$smarty->right_delimiter = '}';
$smarty->display('page.tpl');
?>[/php:1:d8ad4d9513]
with page.tpl:
Code:
<h1>Tutorial</h1>
{$TutContent}


Or is there some other way to "passthru" an external file so that Smarty doesn't look inside it and get upset?
That would solve it, too, 'cos I have plenty of content-only, static htmls I need to put in the same design as the rest of the site.

Thanx,
CirTap
Back to top
View user's profile Send private message
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Mon Aug 11, 2003 9:44 pm    Post subject: Reply with quote

Hi ClrTap.

Perhaps you would be served by a pre-filter? You may also get away with bunging the {php_include} and pointing it to your static file (though I never thought of that before just now Smile

I think there is some merit in using configuration files for something like this since they will get compiled right into your template.

Finally, you can create a plugin that instantiates a second smarty with different delimiters, though you are bound to run into all kinds of trouble or at least a bit of a speed bump.

What we really need is an ASP-like virtual include to allow static content to be passed through without even any PHP processing. If that is possible, I'd love to hear about it Smile

Good luck!
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Mon Aug 11, 2003 10:01 pm    Post subject: Re: Delimiters (again) Reply with quote

CirTap wrote:
Or is there some other way to "passthru" an external file so that Smarty doesn't look inside it and get upset?
That would solve it, too, 'cos I have plenty of content-only, static htmls I need to put in the same design as the rest of the site.


hmm, maybe you want {fetch}: http://smarty.php.net/manual/en/language.function.fetch.php
Back to top
View user's profile Send private message Send e-mail Visit poster's website
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Mon Aug 11, 2003 10:06 pm    Post subject: Reply with quote

Well, {fetch} is way better than the {php_include} hack I suggested Embarassed
Back to top
View user's profile Send private message
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106

PostPosted: Wed Aug 13, 2003 10:50 am    Post subject: Reply with quote

Hi,

@messju: I don't know if fetch() will solve this as it's just a display() without, well ... display Smile The files still get parsed, right?
@boots: I agree that using a second $smarty will probably cause interesting side effects. The pre-filter might work, but I don't actually like the idea of prefiltering any "static" file, which may be huge and must not necessarily contain the delimiter signs -- most do now, but only "most".
I'd like to "keep it stupid and simple" <g>

The "problem" I have is that (again) "most" URLs are "virtual", redirected via .htaccess/ErrorDocument and RewriteCond !-f / !-d to my "makepage.php" script -- the workhorse on the site. Similar to what happens in "error.php" @ php.net.
Because I need a combination of .php files for data-preparation, inclusion of smaller, .html snippets and real files, extensions are mapped internally to either include() some .php in makepage.php with the option to exit, when they are done or "tweak" the $ContentFile, {include file=$ContentFile} or just do {$Content} - the last one is causing trouble with the "technical documents" as described above.

Hmmm... and now by writing this, the "new" registered objects Wink -- or some function/block plug-in -- may solve this, e.g:
{Content->show $StaticFile} or {content uri=$StaticFile}
and do a native PHP passthru(), without bothering Smarty to cache or compile it.
As I haven't tried so far, will this work? I mean prevent Smarty from even "seeing" that there's some file (except maybe the variable) and that it shoud keep its hands off?
Here's a simple dir layout
Quote:
/templates/page.tpl
/templates/content/index.php
/templates/content/somefile.html
/templates/content/area1/index.html

/www/some/physical/tutorial.htm

page.tpl contains some {if}s to use {include}, {$Content}, or {content}
[php:1:89fd8a9e6b]/* REQUEST_URI ~ triggered function/file */
www.beispiel.de // ~ include("/templates/content/index.php")
www.beispiel.de/somefile // ~ page.tpl: {include file="/content/somefile.html"}
www.beispiel.de/area1 // ~ page.tpl: {include file="/content/area1/index.html"}
# and if the "new" idea works:
www.beispiel.de/some/physical/tutorial.htm
// {content_file path=$StaticFile}
[/php:1:89fd8a9e6b]
The latter could be handled using something like this in .htaccess:
AddType application/x-httpd-parse .htm
Action application/x-httpd-parse "/makepage.php?StaticFile="

Any technical suggestions?

t.i.a,

CirTap
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Wed Aug 13, 2003 10:54 am    Post subject: Reply with quote

CirTap wrote:

@messju: I don't know if fetch() will solve this as it's just a display() without, well ... display Smile The files still get parsed, right?


follow the link i posted. it's "{fetch file=...}" not $smarty->fetch().

[EDIT: ... and no, the files are not parsed]
Back to top
View user's profile Send private message Send e-mail Visit poster's website
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106

PostPosted: Mon Aug 18, 2003 1:14 pm    Post subject: Reply with quote

@messju: I was mentially locked to fetch(), sorry. Smile

I followed your link, but it appears that {fetch} may not solve this either, but would raise another problem: I run Smarty in secure mode and the static files are in any subdirectory of the document-root (see the dir layout I posted). AFAIK secure_dirs must match entirely and are not handled as "prefixes" like PHP's open_basedir. I can't add all possible and future folders from the document root to the secure dirs -- and this would as well break the idea.

The setup of .htaccess (see above) is essential and I need support for both, virtual and physical files/URLs. Due to Apache's response codes and actions I can handle them differently.
What applies to every content file:
URLs serve as part for an SQL statement and a couple of PHP modules to create navigation, menus, design elements etc. -- and they are search engine savvy, too.
The files (articles, tutorials...) are actually nothing but the "body.innerHTML". The "body.outerHTML" is in any case created using the same set of templates, and it must be compiled and cached 'cos its shared with other pages.

Now the files that are accessible via the "virtual URLs" are "by accident" stored in a secure directory, because they are inside subdirectories of $template_dir. The script adds two of the path' to the $secure_dirs: one matching the requested translation and one for the default language. There's more happening here, but in the end there's a maximum of three directories to look for the actual file.
This works as intended and the translators may use (known) Smarty vars and (safe) modifiers in their documents, and because their (FTP) accounts point to one language directory, they don't interfere with the rest of the site. Their files, only reachable via the virtual, redirected 404-URLs(!), get parsed and cached -- everyone's happy.

Then I have those not-to-be-translated files stored in the document root. They can become rather large or complex, but are handled like the other pages (URLs, SQL, menus, design). This part works fine and I'm happy with that.
The only difference would be the filepath used for {include file=$ContentFile}, which would be some "file:/www/some/physical/tutorial.htm".

So this is the situation, and due to the delimiter problem I'm stuck.
It appears that I need to write some new {block} handler, have some registered object's method do the work or introduce a special ressource type to manage those files.
I just don't know which one would be the best choice to make sure Smarty never ever reaches those files and keeps it's parsing, caching and compiling hands off.

Any suggestions on how to proceed?

t.i.a.
CirTap
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Mon Aug 18, 2003 2:02 pm    Post subject: Reply with quote

CirTap wrote:
I followed your link, but it appears that {fetch} may not solve this either, but would raise another problem: I run Smarty in secure mode and the static files are in any subdirectory of the document-root (see the dir layout I posted). AFAIK secure_dirs must match entirely and are not handled as "prefixes" like PHP's open_basedir.


AFAIK not. it works like open_basedir.

Quote:

...

So this is the situation, and due to the delimiter problem I'm stuck.
It appears that I need to write some new {block} handler, have some registered object's method do the work or introduce a special ressource type to manage those files.
I just don't know which one would be the best choice to make sure Smarty never ever reaches those files and keeps it's parsing, caching and compiling hands off.


use a plugin function (or a method if you prefer that). build something that works like function.fetch.php Smile
Back to top
View user's profile Send private message Send e-mail Visit poster's website
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106

PostPosted: Mon Aug 18, 2003 5:00 pm    Post subject: Reply with quote

messju wrote:
AFAIK not. it works like open_basedir.

hmm, so what's this line in _is_secure() doing? where $curr_dir is one of the secure directories:
[php:1:a3b6ca5ecf]if (substr(realpath($resource_name),0, strlen(realpath($curr_dir))) == realpath($curr_dir))
// examples
$curr_dir = '/path/templates';
$resource_name = '/path/templates/content/de/gaga.html';
realpath($resource_name) ~ '/path/templates/content/de'
realpath($curr_dir) ~ '/path/templates'
substr(...) ~ '/content/de'
[/php:1:a3b6ca5ecf]
and '/content/de' !== '/path/templates', so the file was always considered insecure.
I had to add the path to the localized content files to secure_dir[] or Smarty rejected it.

However, this does no longer cause any trouble. I'll go and write some {passthru} function Smile

CirTap
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Mon Aug 18, 2003 5:18 pm    Post subject: Reply with quote

@CirTap: the line is _is_secure compares if the realpath of $curr_dir is equal to the first n characters of the realpath of $resource_name (n being the length of realpath($curr_dir). so the beginnings of the 2 paths are compared not the ends!
Back to top
View user's profile Send private message Send e-mail Visit poster's website
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106

PostPosted: Mon Aug 18, 2003 5:35 pm    Post subject: Reply with quote

Embarassed stupid me <smack>
I swear that I traced the loop to find out why my files were not included, and only if I added their full path to secure_dir, so that curr_dir and ressource were the same, it worked. it works still, and I'm not going to touch it or find out what made me do this that night Wink

CirTap
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP