I cannot seem to figure out where to set the trusted_dir variable in Smarty 3. Now anytime I use a {insert name="func_name" script="thescript"} I get the error "missing script file".
Does anyone out there know how to allow this? $smarty->security is set to false.
Thank you.
EDIT: As of the posting of this question, this functionality has not been added to Smarty 3 yet, but a Smarty admin has assured me he will get onto adding the functionality ASAP. (http://www.smarty.net/forums/viewtopic.php?p=65549), so we should see it soon.
EDIT 2 The functionality has now been added to Smarty 3 and works as in Smarty 2! :-)
http://www.smarty.net/manual/en/variable.trusted.dir.php
It basically says that you have to enable security to access it.
To set the trusted_dir you would do something similiar to this:
$Smarty->trusted_dir = array(
'my_first_dir',
'my_second_dir/my_third_dir'
);
which would allow scripts from my_first_dir and my_third_dir (which is located within my_second_dir).
Related
I'm using the following library to give a update feature to my WordPress and this works fine with the code of documentation.
https://github.com/YahnisElsts/plugin-update-checker/blob/master/README.md
require 'plugin-update-checker/plugin-update-checker.php';
$myUpdateChecker = Puc_v4_Factory::buildUpdateChecker(
'https://github.com/user-name/repo-name/',
__FILE__,
'unique-plugin-or-theme-slug'
);
But I'm really wondering where this '$myUpdateChecker' variable came from and how this is working, because I can't find any part of the library's files using this variable.
It seems to be totally independent for me.
Thank you in advance.
You're creating the variable right there. You can even name it something else if you want (eg. $update_checker), that shouldn't cause any issues in this particular case as the variable isn't being used anywhere else (according to your own words.)
For more details: PHP variables.
I've searched around and struggled to come up with a solution to this.
I've inherited a project with several thousand php files, each of which has multiple links in the form of:
<a href="_link.php?[RANDOMSTRING]">
Trouble is, I don't have the _link.php file.
I'm assuming its some kind of redirect script, as it is supposed to send the user to
RANDOMSTRING.php
when clicked.
It doesn't do anything nice like use a variable name like
_link.php?url=[RANDOMSTRING]
What code do I need to put into _link.php to just get it working for now. Its a hacky job and I'm planing a major overall and sticking all of this content into a database, but for now I just need the flatfile version running.
Cheers for your help.
Assuming that there are not actual [], then a hack is to create the file _link.php and inside, either redirect:
<?php
header("location: {$_SERVER['QUERY_STRING']}.php");
exit;
Or possibly include if that would work:
<?php
include("{$_SERVER['QUERY_STRING']}.php");
If there are actual [] then just trim them:
trim($_SERVER['QUERY_STRING'], '[]');
I have continued my voyage into creating a extremely simple template engine.
Because I wanted to add logic to my template I eventually got back to the point that I allowed PHP tags into my code which I enabled by evalling the code.
Maybe not the best solution but when looking at the WordPress templates I noticed that the idea itself may not be that bad.
But now there still is one small problem left.
And that is that I want to translate the generated code.
But it has been evalled already. Hence parsed.
I thought of solving this problem by using ob_get_contents().
But this brought one more question and in case of errors it shows a white screen. (memory usage etc.)
Plus it still did not take away the problem of eval that it parsed the contents when evalled.
In short the class logic is:
Loading template files
Adding the contents
Compiling the template
Eval the code (but unfortunately also displaying the code)
Translate the code so I can translate the code parsed by a PHP script
I would love something like:
$code = eval('?>'.$tpl.'<?php');
$code = translate($code);
WriteCache($code);
SetDocumentHeader();
echo $code;
Would anyone know how to achieve this?
Thanks in advance!
$code = eval($tpl);
Check this out.
I'm trying to modify the user's address right after registration.
When you create a new user, The address needs to be modified and a trailing string needs to be added, such as this : ####.
I've created an addon, added the path /controllers/frontend/profiles.post.php,
I've attached to the $mode == 'add' , That's where I'm stuck.
How can I know which variables are available to me, It seems there's no way to debug, var_dump or echo. nothing seems to work.
The file is executing because if I type some broken syntax the server returns 500 internal error,
So my main question :
How can you debug at all any CS-cart addon?
Patrick,
To find out what variables do you have you can use fn_print_r($_REQUEST)
where
fn_print_r - good looking cs-cart wrapper of print_r
Actually the variables from profiles.php are not available in profiles.post.php because these are different variable scopes.
So most probably the only variables you will have is global PHP like $_REQUEST $_SERVER etc..
Take a look at discussion or bestsellers add-on - they have products.post.php controllers which work absolutly the same ways a profiles.post.php and any other post controllers.
I'm creating a custom module that has uses the form API and sends an email on submission- however, I want to make the 'from' email name to be the site name (eg, <My Drupal Site> no-reply#myhttphost.com). In phptemplate you can use $site_name, but that doesn't work from a module it seems. I've tried calling &$variables or &$variable or &$vars in the function argument and DSMed it but still nothing. Any ideas?
Many thanks!
Matt
You can use:
variable_get('site_name');
anywhere in a module or template file :)
I'd suggest the approach used in core:
variable_get('site_name', 'Drupal');
It's good practice to include the default value in variable_get().
Done...I dug through the set and get code and none of it ever is sanitized...sanitizing serialized objects would probably break stuff so it makes sense