Project

General

Profile

1 2 Manuela
<?php
2
3
/*
4
 * This file is part of Twig.
5
 *
6
 * (c) 2009 Fabien Potencier
7
 *
8
 * For the full copyright and license information, please view the LICENSE
9
 * file that was distributed with this source code.
10
 */
11
12
/**
13
 * Twig_NodeVisitor_Sandbox implements sandboxing.
14
 *
15
 * @author Fabien Potencier <fabien@symfony.com>
16
 */
17
class Twig_NodeVisitor_Sandbox extends Twig_BaseNodeVisitor
18
{
19
    protected $inAModule = false;
20
    protected $tags;
21
    protected $filters;
22
    protected $functions;
23
24
    /**
25
     * {@inheritdoc}
26
     */
27
    protected function doEnterNode(Twig_Node $node, Twig_Environment $env)
28
    {
29
        if ($node instanceof Twig_Node_Module) {
30
            $this->inAModule = true;
31
            $this->tags = array();
32
            $this->filters = array();
33
            $this->functions = array();
34
35
            return $node;
36
        } elseif ($this->inAModule) {
37
            // look for tags
38
            if ($node->getNodeTag() && !isset($this->tags[$node->getNodeTag()])) {
39
                $this->tags[$node->getNodeTag()] = $node;
40
            }
41
42
            // look for filters
43
            if ($node instanceof Twig_Node_Expression_Filter && !isset($this->filters[$node->getNode('filter')->getAttribute('value')])) {
44
                $this->filters[$node->getNode('filter')->getAttribute('value')] = $node;
45
            }
46
47
            // look for functions
48
            if ($node instanceof Twig_Node_Expression_Function && !isset($this->functions[$node->getAttribute('name')])) {
49
                $this->functions[$node->getAttribute('name')] = $node;
50
            }
51
52
            // wrap print to check __toString() calls
53
            if ($node instanceof Twig_Node_Print) {
54
                return new Twig_Node_SandboxedPrint($node->getNode('expr'), $node->getLine(), $node->getNodeTag());
55
            }
56
        }
57
58
        return $node;
59
    }
60
61
    /**
62
     * {@inheritdoc}
63
     */
64
    protected function doLeaveNode(Twig_Node $node, Twig_Environment $env)
65
    {
66
        if ($node instanceof Twig_Node_Module) {
67
            $this->inAModule = false;
68
69
            $node->setNode('display_start', new Twig_Node(array(new Twig_Node_CheckSecurity($this->filters, $this->tags, $this->functions), $node->getNode('display_start'))));
70
        }
71
72
        return $node;
73
    }
74
75
    /**
76
     * {@inheritdoc}
77
     */
78
    public function getPriority()
79
    {
80
        return 0;
81
    }
82
}