Commit 3fb40e58 authored by Marius Burkard's avatar Marius Burkard
Browse files

- prevent undefined var in loop count for tpl lib

parent 0b6c0554
Pipeline #11114 passed with stage
in 7 minutes and 19 seconds
......@@ -931,12 +931,17 @@ if (!defined('vlibTemplateClassLoaded')) {
{
array_push($this->_namespace, $varname);
$tempvar = count($this->_namespace) - 1;
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
return $retstr."); \$_".$tempvar."++) {";
$retstr .= ") ? count(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
return $retstr.") : 0); \$_".$tempvar."++) {";
}
/**
......@@ -1035,7 +1040,7 @@ if (!defined('vlibTemplateClassLoaded')) {
$wholetag = $args[0];
$openclose = $args[1];
$tag = strtolower($args[2]);
if ($tag == 'else') return '<?php } else { ?>';
if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
......@@ -1170,7 +1175,15 @@ if (!defined('vlibTemplateClassLoaded')) {
array_push($this->_currentincludedir, dirname($this->_tmplfilename));
$this->_includedepth++;
$success = @eval($this->_tmplfilep);
try {
$success = @eval($this->_tmplfilep);
} catch(Exception $ex) {
print $this->_tmplfilep;
throw $ex;
} catch(TypeError $ex) {
print $this->_tmplfilep;
throw $ex;
}
$this->_includedepth--;
array_pop($this->_currentincludedir);
......
......@@ -1914,10 +1914,10 @@ class installer_base {
}
$tpl->setVar('dkim_path', $mail_config['dkim_path']);
$tpl->setVar('rspamd_redis_servers', $mail_config['rspamd_redis_servers']);
$tpl->setVar('rspamd_redis_password', $mail_config['rspamd_redis_password']);
$tpl->setVar('rspamd_redis_bayes_servers', $mail_config['rspamd_redis_bayes_servers']);
$tpl->setVar('rspamd_redis_bayes_password', $mail_config['rspamd_redis_bayes_password']);
$tpl->setVar('rspamd_redis_servers', (isset($mail_config['rspamd_redis_servers']) ? $mail_config['rspamd_redis_servers'] : ''));
$tpl->setVar('rspamd_redis_password', (isset($mail_config['rspamd_redis_password']) ? $mail_config['rspamd_redis_password'] : ''));
$tpl->setVar('rspamd_redis_bayes_servers', (isset($mail_config['rspamd_redis_bayes_servers']) ? $mail_config['rspamd_redis_bayes_servers'] : ''));
$tpl->setVar('rspamd_redis_bayes_password', (isset($mail_config['rspamd_redis_bayes_password']) ? $mail_config['rspamd_redis_bayes_password'] : ''));
if(count($local_addrs) > 0) {
$tpl->setLoop('local_addrs', $local_addrs);
}
......
......@@ -233,7 +233,7 @@ if (!defined('vlibTemplateClassLoaded')) {
public function setVar($k, $v = null, $encode = false)
{
global $app;
if (is_array($k)) {
foreach($k as $key => $value){
$key = ($this->OPTIONS['CASELESS']) ? strtolower(trim($key)) : trim($key);
......@@ -1079,12 +1079,12 @@ if (!defined('vlibTemplateClassLoaded')) {
private function _parseHook ($name)
{
global $app;
if(!$name) return false;
$module = isset($_SESSION['s']['module']['name']) ? $_SESSION['s']['module']['name'] : '';
$form = isset($app->tform->formDef['name']) ? $app->tform->formDef['name'] : '';
$events = array();
if($module) {
$events[] = $module . ':' . ($form ? $form : '') . ':' . $name;
......@@ -1093,9 +1093,9 @@ if (!defined('vlibTemplateClassLoaded')) {
$events[] = $name;
$events[] = 'on_template_content';
}
$events = array_unique($events);
for($e = 0; $e < count($events); $e++) {
$tmpresult = $app->plugin->raiseEvent($events[$e], array(
'name' => $name,
......@@ -1104,10 +1104,10 @@ if (!defined('vlibTemplateClassLoaded')) {
), true);
if(!$tmpresult) $tmpresult = '';
else $tmpresult = $this->_getData($tmpresult, false, true);
$result .= $tmpresult;
}
return $result;
}
......@@ -1121,12 +1121,17 @@ if (!defined('vlibTemplateClassLoaded')) {
{
array_push($this->_namespace, $varname);
$tempvar = count($this->_namespace) - 1;
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
return $retstr."); \$_".$tempvar."++) {";
$retstr .= ") ? count(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
return $retstr.") : 0); \$_".$tempvar."++) {";
}
/**
......@@ -1225,7 +1230,7 @@ if (!defined('vlibTemplateClassLoaded')) {
$wholetag = $args[0];
$openclose = $args[1];
$tag = strtolower($args[2]);
if ($tag == 'else') return '<?php } else { ?>';
if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
......@@ -1303,10 +1308,10 @@ if (!defined('vlibTemplateClassLoaded')) {
if ($this->OPTIONS['ENABLE_PHPINCLUDE']) {
return '<?php include(\''.$file.'\'); ?>';
}
case 'hook':
return $this->_parseHook(@$var);
case 'include':
return '<?php $this->_getData($this->_fileSearch(\''.$file.'\'), 1); ?>';
......
......@@ -1074,10 +1074,10 @@ if (!defined('vlibTemplateClassLoaded')) {
private function _parseHook ($name)
{
global $app;
$namespace = '';
if(strpos($name, ':') !== false) list($namespace, $name) = explode(':', $name, 2);
$result = $app->plugins->raiseAction('on_template_content_hook', array(
'name' => $name,
'namespace' => $namespace,
......@@ -1085,7 +1085,7 @@ if (!defined('vlibTemplateClassLoaded')) {
), true);
if(!$result) $result = '';
else $result = $this->_getData($result, false, true);
return $result;
}
......@@ -1099,12 +1099,17 @@ if (!defined('vlibTemplateClassLoaded')) {
{
array_push($this->_namespace, $varname);
$tempvar = count($this->_namespace) - 1;
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
$retstr .= ") ? count(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
}
return $retstr."); \$_".$tempvar."++) {";
return $retstr.") : 0); \$_".$tempvar."++) {";
}
/**
......@@ -1203,7 +1208,7 @@ if (!defined('vlibTemplateClassLoaded')) {
$wholetag = $args[0];
$openclose = $args[1];
$tag = strtolower($args[2]);
if ($tag == 'else') return '<?php } else { ?>';
if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
......@@ -1281,10 +1286,10 @@ if (!defined('vlibTemplateClassLoaded')) {
if ($this->OPTIONS['ENABLE_PHPINCLUDE']) {
return '<?php include(\''.$file.'\'); ?>';
}
case 'hook':
return $this->_parseHook(@$var);
case 'include':
return '<?php $this->_getData($this->_fileSearch(\''.$file.'\'), 1); ?>';
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment