SandboxedPrint.php (1425B)
1 <?php 2 3 /* 4 * This file is part of Twig. 5 * 6 * (c) 2010 Fabien Potencier 7 * 8 * For the full copyright and license information, please view the LICENSE 9 * file that was distributed with this source code. 10 */ 11 12 /** 13 * Twig_Node_SandboxedPrint adds a check for the __toString() method 14 * when the variable is an object and the sandbox is activated. 15 * 16 * When there is a simple Print statement, like {{ article }}, 17 * and if the sandbox is enabled, we need to check that the __toString() 18 * method is allowed if 'article' is an object. 19 * 20 * @author Fabien Potencier <fabien@symfony.com> 21 */ 22 class Twig_Node_SandboxedPrint extends Twig_Node_Print 23 { 24 public function compile(Twig_Compiler $compiler) 25 { 26 $compiler 27 ->addDebugInfo($this) 28 ->write('echo $this->env->getExtension(\'sandbox\')->ensureToStringAllowed(') 29 ->subcompile($this->getNode('expr')) 30 ->raw(");\n") 31 ; 32 } 33 34 /** 35 * Removes node filters. 36 * 37 * This is mostly needed when another visitor adds filters (like the escaper one). 38 * 39 * @param Twig_Node $node A Node 40 * 41 * @return Twig_Node 42 */ 43 protected function removeNodeFilter($node) 44 { 45 if ($node instanceof Twig_Node_Expression_Filter) { 46 return $this->removeNodeFilter($node->getNode('node')); 47 } 48 49 return $node; 50 } 51 }