4 * This file is part of Twig.
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
13 * Twig_NodeVisitor_Sandbox implements sandboxing.
17 * @author Fabien Potencier <fabien@symfony.com>
19 class Twig_NodeVisitor_Sandbox
extends Twig_BaseNodeVisitor
21 protected $inAModule = false;
26 protected function doEnterNode(Twig_Node
$node, Twig_Environment
$env)
28 if ($node instanceof Twig_Node_Module
) {
29 $this->inAModule
= true;
30 $this->tags
= array();
31 $this->filters
= array();
32 $this->functions
= array();
35 } elseif ($this->inAModule
) {
37 if ($node->getNodeTag() && !isset($this->tags
[$node->getNodeTag()])) {
38 $this->tags
[$node->getNodeTag()] = $node;
42 if ($node instanceof Twig_Node_Expression_Filter
&& !isset($this->filters
[$node->getNode('filter')->getAttribute('value')])) {
43 $this->filters
[$node->getNode('filter')->getAttribute('value')] = $node;
47 if ($node instanceof Twig_Node_Expression_Function
&& !isset($this->functions
[$node->getAttribute('name')])) {
48 $this->functions
[$node->getAttribute('name')] = $node;
51 // the .. operator is equivalent to the range() function
52 if ($node instanceof Twig_Node_Expression_Binary_Range
&& !isset($this->functions
['range'])) {
53 $this->functions
['range'] = $node;
56 // wrap print to check __toString() calls
57 if ($node instanceof Twig_Node_Print
) {
58 return new Twig_Node_SandboxedPrint($node->getNode('expr'), $node->getTemplateLine(), $node->getNodeTag());
65 protected function doLeaveNode(Twig_Node
$node, Twig_Environment
$env)
67 if ($node instanceof Twig_Node_Module
) {
68 $this->inAModule
= false;
70 $node->setNode('display_start', new Twig_Node(array(new Twig_Node_CheckSecurity($this->filters
, $this->tags
, $this->functions
), $node->getNode('display_start'))));
76 public function getPriority()
82 class_alias('Twig_NodeVisitor_Sandbox', 'Twig\NodeVisitor\SandboxNodeVisitor', false);