Merge branch 'support/4.3' into warn_when_using_unregistered_function

CHANGELOG.md

@@ -7,7 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 
 ### Changed
-- Using PHP functions and unregistered static class methods in expressions now also triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813)
+- Using unregistered static class methods in expressions now also triggers a deprecation notice because we will drop support for this in the next major release [#813](https://github.com/smarty-php/smarty/issues/813)
+
+## [4.3.4] - 2023-09-14
+
+## [4.3.3] - 2023-09-14
+
+### Fixed
+- `|strip_tags` does not work if the input is 0 [#890](https://github.com/smarty-php/smarty/issues/890)
+- Use of negative numbers in {math} equations [#895](https://github.com/smarty-php/smarty/issues/895)
+
+## [4.3.2] - 2023-07-19
+
+### Fixed
+- `$smarty->muteUndefinedOrNullWarnings()` now also mutes PHP8 warnings for undefined properties
 
 ## [4.3.1] - 2023-03-28
 

libs/Smarty.class.php

@@ -107,7 +107,7 @@ class Smarty extends Smarty_Internal_TemplateBase
     /**
      * smarty version
      */
-    const SMARTY_VERSION = '4.3.1';
+    const SMARTY_VERSION = '4.3.4';
     /**
      * define variable scopes
      */

libs/debug.tpl

@@ -167,9 +167,7 @@
     </html>
 {/capture}
 <script type="text/javascript">
-    {$id = '__Smarty__'}
-    {if $display_mode}{$id = "$offset$template_name"|md5}{/if}
-    _smarty_console = window.open("", "console{$id}", "width=1024,height=600,left={$offset},top={$offset},resizable,scrollbars=yes");
+    _smarty_console = window.open("", "console{$targetWindow}", "width=1024,height=600,left={$offset},top={$offset},resizable,scrollbars=yes");
     _smarty_console.document.write("{$debug_output|escape:'javascript' nofilter}");
     _smarty_console.document.close();
 </script>

libs/plugins/function.math.php

@@ -67,7 +67,7 @@ function smarty_function_math($params, $template)
     $equation = preg_replace('/\s+/', '', $equation);
 
     // Adapted from https://www.php.net/manual/en/function.eval.php#107377
-    $number = '(?:\d+(?:[,.]\d+)?|pi|π)'; // What is a number
+    $number = '-?(?:\d+(?:[,.]\d+)?|pi|π)'; // What is a number
     $functionsOrVars = '((?:0x[a-fA-F0-9]+)|([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*))';
     $operators = '[,+\/*\^%-]'; // Allowed math operators
     $regexp = '/^(('.$number.'|'.$functionsOrVars.'|('.$functionsOrVars.'\s*\((?1)*\)|\((?1)*\)))(?:'.$operators.'(?1))?)+$/';

libs/plugins/modifiercompiler.strip_tags.php

@@ -21,7 +21,7 @@
 function smarty_modifiercompiler_strip_tags($params)
 {
     if (!isset($params[ 1 ]) || $params[ 1 ] === true || trim($params[ 1 ], '"') === 'true') {
-        return "preg_replace('!<[^>]*?>!', ' ', {$params[0]} ?: '')";
+        return "preg_replace('!<[^>]*?>!', ' ', (string) {$params[0]})";
     } else {
         return 'strip_tags((string) ' . $params[ 0 ] . ')';
     }

libs/sysplugins/smarty_internal_debug.php

@@ -238,9 +238,12 @@ public function display_debug($obj, $full = false)
         $_config_vars = $ptr->config_vars;
         ksort($_config_vars);
         $debugging = $smarty->debugging;
+        $templateName = $obj->source->type . ':' . $obj->source->name;
+        $displayMode = $debugging === 2 || !$full;
+        $offset = $this->offset * 50;
         $_template = new Smarty_Internal_Template($debObj->debug_tpl, $debObj);
         if ($obj->_isTplObj()) {
-            $_template->assign('template_name', $obj->source->type . ':' . $obj->source->name);
+            $_template->assign('template_name', $templateName);
         }
         if ($obj->_objType === 1 || $full) {
             $_template->assign('template_data', $this->template_data[ $this->index ]);
@@ -250,8 +253,8 @@ public function display_debug($obj, $full = false)
         $_template->assign('assigned_vars', $_assigned_vars);
         $_template->assign('config_vars', $_config_vars);
         $_template->assign('execution_time', microtime(true) - $smarty->start_time);
-        $_template->assign('display_mode', $debugging === 2 || !$full);
-        $_template->assign('offset', $this->offset * 50);
+        $_template->assign('targetWindow', $displayMode ? md5("$offset$templateName") : '__Smarty__');
+        $_template->assign('offset', $offset);
         echo $_template->fetch();
         if (isset($full)) {
             $this->index--;

libs/sysplugins/smarty_internal_errorhandler.php

@@ -17,6 +17,12 @@ class Smarty_Internal_ErrorHandler
      */
     public $allowUndefinedVars = true;
 
+    /**
+     * Allows {$foo->propName} where propName is undefined.
+     * @var bool
+     */
+    public $allowUndefinedProperties = true;
+
     /**
      * Allows {$foo.bar} where bar is unset and {$foo.bar1.bar2} where either bar1 or bar2 is unset.
      * @var bool
@@ -80,6 +86,13 @@ public function handleError($errno, $errstr, $errfile, $errline, $errcontext = [
             return; // suppresses this error
         }
 
+        if ($this->allowUndefinedProperties && preg_match(
+                '/^(Undefined property)/',
+                $errstr
+            )) {
+            return; // suppresses this error
+        }
+
         if ($this->allowUndefinedArrayKeys && preg_match(
             '/^(Undefined index|Undefined array key|Trying to access array offset on value of type)/',
             $errstr

libs/sysplugins/smarty_template_compiled.php

@@ -85,7 +85,7 @@ public function populateCompiledFilepath(Smarty_Internal_Template $_template)
      *
      * @param Smarty_Internal_Template $_template
      *
-     * @return string
+     * @return void
      * @throws Exception
      */
     public function render(Smarty_Internal_Template $_template)

make-release.sh

@@ -14,7 +14,7 @@ sed -i "s/const SMARTY_VERSION = '[^']\+';/const SMARTY_VERSION = '$1';/" libs/S
 git add CHANGELOG.md libs/Smarty.class.php
 git commit -m "version bump"
 
-git checkout master
+git checkout support/4.3
 git pull
 git merge --no-ff "release/$1"
 git branch -d "release/$1"

tests/UnitTests/A_Core/AutoEscape/AutoEscapeTest.php

@@ -30,4 +30,36 @@ public function testAutoEscape()
         $tpl->assign('foo', '<[email protected]>');
         $this->assertEquals("&lt;[email protected]&gt;", $this->smarty->fetch($tpl));
     }
+
+
+    /**
+     * test 'escapeHtml' property
+     * @group issue906
+     */
+    public function testAutoEscapeDoesNotEscapeFunctionPlugins()
+    {
+        $this->smarty->registerPlugin(
+            Smarty::PLUGIN_FUNCTION,
+            'horizontal_rule',
+            function ($params, $smarty)	{ return "<hr>"; }
+        );
+        $tpl = $this->smarty->createTemplate('eval:{horizontal_rule}');
+        $this->assertEquals("<hr>", $this->smarty->fetch($tpl));
+    }
+
+    /**
+     * test 'escapeHtml' property
+     * @group issue906
+     */
+    public function testAutoEscapeDoesNotEscapeBlockPlugins()
+    {
+        $this->smarty->registerPlugin(
+            Smarty::PLUGIN_BLOCK,
+            'paragraphify',
+            function ($params, $content)	{ return $content == null ? null :  "<p>".$content."</p>"; }
+        );
+        $tpl = $this->smarty->createTemplate('eval:{paragraphify}hi{/paragraphify}');
+        $this->assertEquals("<p>hi</p>", $this->smarty->fetch($tpl));
+    }
+
 }

tests/UnitTests/TemplateSource/TagTests/PluginModifier/PluginModifierStripTagsTest.php

@@ -0,0 +1,46 @@
+<?php
+/**
+ * Smarty PHPunit tests of modifier
+ */
+
+namespace UnitTests\TemplateSource\TagTests\PluginModifier;
+use PHPUnit_Smarty;
+
+/**
+ * class for modifier tests
+ *
+ * @runTestsInSeparateProcess
+ * @preserveGlobalState disabled
+ * @backupStaticAttributes enabled
+ */
+class PluginModifierStripTagsTest extends PHPUnit_Smarty {
+
+	public function setUp(): void {
+		$this->setUpSmarty(__DIR__);
+	}
+
+	public function testDefault() {
+		$tpl = $this->smarty->createTemplate('string:{$x|strip_tags}');
+		$tpl->assign('x', '<b>hi</b>');
+		$this->assertEquals(" hi ", $this->smarty->fetch($tpl));
+	}
+
+	public function testParam1() {
+		$tpl = $this->smarty->createTemplate('string:{$x|strip_tags:false}');
+		$tpl->assign('x', '<b>hi</b>');
+		$this->assertEquals("hi", $this->smarty->fetch($tpl));
+	}
+
+	public function testInputIsFalsy0() {
+		$tpl = $this->smarty->createTemplate('string:{$x|strip_tags}');
+		$tpl->assign('x', 0);
+		$this->assertEquals("0", $this->smarty->fetch($tpl));
+	}
+
+	public function testInputIsFalsy1() {
+		$tpl = $this->smarty->createTemplate('string:{$x|strip_tags}');
+		$tpl->assign('x', '');
+		$this->assertEquals("", $this->smarty->fetch($tpl));
+	}
+
+}

tests/UnitTests/TemplateSource/ValueTests/Math/MathTest.php

@@ -101,6 +101,14 @@ public function testFunctionFloat()
         $this->assertEquals($expected, $this->smarty->fetch($tpl));
     }
 
+    public function testNegativeNumbers()
+    {
+        $this->smarty->disableSecurity();
+        $expected = "-19 -- 4.1";
+        $tpl = $this->smarty->createTemplate('eval:{$x = 4}{$y = 5.5}{math equation="-2.0*(x+y)" x=$x y=$y} -- {math equation="-20.5 / -5"}');
+        $this->assertEquals($expected, $this->smarty->fetch($tpl));
+    }
+
     public function testSyntaxFormat()
     {
         $this->smarty->disableSecurity();