PHP8.2 compatibility (#775)

* PHP8.2 compatibility * PHP8.2 compatibility : Fixed unit tests * PHP8.2 compatibility : Replace ENT_COMPAT by ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401 * PHP8.2 compatibility : Remove deprecated utf8_decode * PHP8.2 compatibility : Remove HTML-ENTITIES parameter * Removed some unused code for clarity, updated the changelog. * More concise escape implementation and unit test to cover both modifierplugin and modifiercompiler. * Fix htmlall unescape of quotes without mbstring too Co-authored-by: Simon Wisselink <s.wisselink@iwink.nl>
author: Progi1984 <progi1984@gmail.com> 2022-11-22 21:22:57 +0100
committer: GitHub <noreply@github.com> 2022-11-22 21:22:57 +0100
commit: c016895166af23aa37468e7556577e3f7772065c (patch)
tree: 22e8da694ca5e99266b0d82402f45e0807454f9e /libs
parent: f81720941c07c76ad5ee25d0d69682463acb504b (diff)
download: smarty-c016895166af23aa37468e7556577e3f7772065c.tar.gz
smarty-c016895166af23aa37468e7556577e3f7772065c.tar.bz2
smarty-c016895166af23aa37468e7556577e3f7772065c.zip
8 files changed, 19 insertions, 113 deletions
diff --git a/libs/plugins/modifier.escape.php b/libs/plugins/modifier.escape.php
index 3ce48382..11e44682 100644
--- a/libs/plugins/modifier.escape.php
+++ b/libs/plugins/modifier.escape.php
@@ -23,7 +23,6 @@
  */
 function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $double_encode = true)
 {
-    static $_double_encode = true;
     static $is_loaded_1 = false;
     static $is_loaded_2 = false;
     if (!$char_set) {
@@ -34,87 +33,15 @@ function smarty_modifier_escape($string, $esc_type = 'html', $char_set = null, $
 
     switch ($esc_type) {
         case 'html':
-            if ($_double_encode) {
-                // php >=5.3.2 - go native
-                return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode);
-            } else {
-                if ($double_encode) {
-                    // php <5.2.3 - only handle double encoding
-                    return htmlspecialchars($string, ENT_QUOTES, $char_set);
-                } else {
-                    // php <5.2.3 - prevent double encoding
-                    $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
-                    $string = htmlspecialchars($string, ENT_QUOTES, $char_set);
-                    $string = str_replace(
-                        array(
-                            '%%%SMARTY_START%%%',
-                            '%%%SMARTY_END%%%'
-                        ),
-                        array(
-                            '&',
-                            ';'
-                        ),
-                        $string
-                    );
-                    return $string;
-                }
-            }
+            return htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode);
         // no break
         case 'htmlall':
             if (Smarty::$_MBSTRING) {
-                // mb_convert_encoding ignores htmlspecialchars()
-                if ($_double_encode) {
-                    // php >=5.3.2 - go native
-                    $string = htmlspecialchars($string, ENT_QUOTES, $char_set, $double_encode);
-                } else {
-                    if ($double_encode) {
-                        // php <5.2.3 - only handle double encoding
-                        $string = htmlspecialchars($string, ENT_QUOTES, $char_set);
-                    } else {
-                        // php <5.2.3 - prevent double encoding
-                        $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
-                        $string = htmlspecialchars($string, ENT_QUOTES, $char_set);
-                        $string =
-                            str_replace(
-                                array(
-                                    '%%%SMARTY_START%%%',
-                                    '%%%SMARTY_END%%%'
-                                ),
-                                array(
-                                    '&',
-                                    ';'
-                                ),
-                                $string
-                            );
-                        return $string;
-                    }
-                }
-                // htmlentities() won't convert everything, so use mb_convert_encoding
-                return mb_convert_encoding($string, 'HTML-ENTITIES', $char_set);
+                $string = mb_convert_encoding($string, 'UTF-8', $char_set);
+                return htmlentities($string, ENT_QUOTES, 'UTF-8', $double_encode);
             }
             // no MBString fallback
-            if ($_double_encode) {
-                return htmlentities($string, ENT_QUOTES, $char_set, $double_encode);
-            } else {
-                if ($double_encode) {
-                    return htmlentities($string, ENT_QUOTES, $char_set);
-                } else {
-                    $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
-                    $string = htmlentities($string, ENT_QUOTES, $char_set);
-                    $string = str_replace(
-                        array(
-                            '%%%SMARTY_START%%%',
-                            '%%%SMARTY_END%%%'
-                        ),
-                        array(
-                            '&',
-                            ';'
-                        ),
-                        $string
-                    );
-                    return $string;
-                }
-            }
+            return htmlentities($string, ENT_QUOTES, $char_set, $double_encode);
         // no break
         case 'url':
             return rawurlencode($string);
diff --git a/libs/plugins/modifiercompiler.escape.php b/libs/plugins/modifiercompiler.escape.php
index 1fc5e781..602c3dbf 100644
--- a/libs/plugins/modifiercompiler.escape.php
+++ b/libs/plugins/modifiercompiler.escape.php
@@ -18,12 +18,10 @@
  * @param Smarty_Internal_TemplateCompilerBase $compiler
  *
  * @return string with compiled code
- * @throws \SmartyException
+ * @throws SmartyException
  */
 function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompilerBase $compiler)
 {
-    static $_double_encode = true;
-    static $is_loaded = false;
     $compiler->template->_checkPlugins(
         array(
             array(
@@ -41,41 +39,18 @@ function smarty_modifiercompiler_escape($params, Smarty_Internal_TemplateCompile
         }
         switch ($esc_type) {
             case 'html':
-                if ($_double_encode) {
-                    return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
-                           var_export($double_encode, true) . ')';
-                } elseif ($double_encode) {
-                    return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
-                } else {
-                    // fall back to modifier.escape.php
-                }
+                return 'htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+                    var_export($double_encode, true) . ')';
             // no break
             case 'htmlall':
                 if (Smarty::$_MBSTRING) {
-                    if ($_double_encode) {
-                        // php >=5.2.3 - go native
-                        return 'mb_convert_encoding(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
-                               var_export($char_set, true) . ', ' . var_export($double_encode, true) .
-                               '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
-                    } elseif ($double_encode) {
-                        // php <5.2.3 - only handle double encoding
-                        return 'mb_convert_encoding(htmlspecialchars((string)' . $params[ 0 ] . ', ENT_QUOTES, ' .
-                               var_export($char_set, true) . '), "HTML-ENTITIES", ' . var_export($char_set, true) . ')';
-                    } else {
-                        // fall back to modifier.escape.php
-                    }
+                    return 'htmlentities(mb_convert_encoding((string)' . $params[ 0 ] . ', \'UTF-8\', ' .
+                        var_export($char_set, true) . '), ENT_QUOTES, \'UTF-8\', ' .
+                        var_export($double_encode, true) . ')';
                 }
                 // no MBString fallback
-                if ($_double_encode) {
-                    // php >=5.2.3 - go native
-                    return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
-                           var_export($double_encode, true) . ')';
-                } elseif ($double_encode) {
-                    // php <5.2.3 - only handle double encoding
-                    return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ')';
-                } else {
-                    // fall back to modifier.escape.php
-                }
+                return 'htmlentities((string)' . $params[ 0 ] . ', ENT_QUOTES, ' . var_export($char_set, true) . ', ' .
+                    var_export($double_encode, true) . ')';
             // no break
             case 'url':
                 return 'rawurlencode((string)' . $params[ 0 ] . ')';
diff --git a/libs/plugins/modifiercompiler.unescape.php b/libs/plugins/modifiercompiler.unescape.php
index 3438fe3e..9e1f06d6 100644
--- a/libs/plugins/modifiercompiler.unescape.php
+++ b/libs/plugins/modifiercompiler.unescape.php
@@ -39,9 +39,9 @@ function smarty_modifiercompiler_unescape($params, Smarty_Internal_TemplateCompi
         case 'entity':
         case 'htmlall':
             if (Smarty::$_MBSTRING) {
-                return 'mb_convert_encoding(' . $params[ 0 ] . ', ' . $params[ 2 ] . ', \'HTML-ENTITIES\')';
+                return 'html_entity_decode(mb_convert_encoding(' . $params[ 0 ] . ', ' . $params[ 2 ] . ', \'UTF-8\'), ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, ' . $params[ 2 ] . ')';
             }
-            return 'html_entity_decode(' . $params[ 0 ] . ', ENT_NOQUOTES, ' . $params[ 2 ] . ')';
+            return 'html_entity_decode(' . $params[ 0 ] . ', ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, ' . $params[ 2 ] . ')';
         case 'html':
             return 'htmlspecialchars_decode(' . $params[ 0 ] . ', ENT_QUOTES)';
         case 'url':
diff --git a/libs/sysplugins/smarty_internal_extension_handler.php b/libs/sysplugins/smarty_internal_extension_handler.php
index 634ad831..3ef040ab 100644
--- a/libs/sysplugins/smarty_internal_extension_handler.php
+++ b/libs/sysplugins/smarty_internal_extension_handler.php
@@ -36,6 +36,7 @@
  * @property   Smarty_Internal_Method_RegisterPlugin     $registerPlugin
  * @property   mixed|\Smarty_Template_Cached             configLoad
  */
+#[\AllowDynamicProperties]
 class Smarty_Internal_Extension_Handler
 {
     public $objType = null;
diff --git a/libs/sysplugins/smarty_internal_runtime_make_nocache.php b/libs/sysplugins/smarty_internal_runtime_make_nocache.php
index 53069148..7994aa04 100644
--- a/libs/sysplugins/smarty_internal_runtime_make_nocache.php
+++ b/libs/sysplugins/smarty_internal_runtime_make_nocache.php
@@ -22,7 +22,7 @@ class Smarty_Internal_Runtime_Make_Nocache
     {
         if (isset($tpl->tpl_vars[ $var ])) {
             $export =
-                preg_replace('/^Smarty_Variable::__set_state[(]|[)]$/', '', var_export($tpl->tpl_vars[ $var ], true));
+                preg_replace('/^\\\\?Smarty_Variable::__set_state[(]|[)]$/', '', var_export($tpl->tpl_vars[ $var ], true));
             if (preg_match('/(\w+)::__set_state/', $export, $match)) {
                 throw new SmartyException("{make_nocache \${$var}} in template '{$tpl->source->name}': variable does contain object '{$match[1]}' not implementing method '__set_state'");
             }
diff --git a/libs/sysplugins/smarty_internal_template.php b/libs/sysplugins/smarty_internal_template.php
index bf627ce7..72d1d52e 100644
--- a/libs/sysplugins/smarty_internal_template.php
+++ b/libs/sysplugins/smarty_internal_template.php
@@ -24,6 +24,7 @@
  *
  * @method bool mustCompile()
  */
+#[\AllowDynamicProperties]
 class Smarty_Internal_Template extends Smarty_Internal_TemplateBase
 {
     /**
diff --git a/libs/sysplugins/smarty_security.php b/libs/sysplugins/smarty_security.php
index 974c6352..97cd0521 100644
--- a/libs/sysplugins/smarty_security.php
+++ b/libs/sysplugins/smarty_security.php
@@ -19,6 +19,7 @@
 /**
  * This class does contain the security settings
  */
+#[\AllowDynamicProperties]
 class Smarty_Security
 {
 
diff --git a/libs/sysplugins/smarty_variable.php b/libs/sysplugins/smarty_variable.php
index 914d99bd..6a534228 100644
--- a/libs/sysplugins/smarty_variable.php
+++ b/libs/sysplugins/smarty_variable.php
@@ -7,6 +7,7 @@
  * @package    Smarty
  * @subpackage Template
  */
+#[\AllowDynamicProperties]
 class Smarty_Variable
 {
     /**
author	Progi1984 <progi1984@gmail.com>	2022-11-22 21:22:57 +0100
committer	GitHub <noreply@github.com>	2022-11-22 21:22:57 +0100
commit	c016895166af23aa37468e7556577e3f7772065c (patch)
tree	22e8da694ca5e99266b0d82402f45e0807454f9e /libs
parent	f81720941c07c76ad5ee25d0d69682463acb504b (diff)
download	smarty-c016895166af23aa37468e7556577e3f7772065c.tar.gz smarty-c016895166af23aa37468e7556577e3f7772065c.tar.bz2 smarty-c016895166af23aa37468e7556577e3f7772065c.zip