aboutsummaryrefslogtreecommitdiffstats
path: root/library/Smarty/NEW_FEATURES.txt
diff options
context:
space:
mode:
Diffstat (limited to 'library/Smarty/NEW_FEATURES.txt')
-rw-r--r--library/Smarty/NEW_FEATURES.txt86
1 files changed, 86 insertions, 0 deletions
diff --git a/library/Smarty/NEW_FEATURES.txt b/library/Smarty/NEW_FEATURES.txt
new file mode 100644
index 000000000..b2c18c99b
--- /dev/null
+++ b/library/Smarty/NEW_FEATURES.txt
@@ -0,0 +1,86 @@
+
+
+This file contains a brief description of new features which have been added to Smarty 3.1
+
+Smarty 3.1.22
+
+ Namespace support within templates
+ ==================================
+ Within templates you can now use namespace specifications on:
+ - Constants like foo\bar\FOO
+ - Class names like foo\bar\Baz::FOO, foo\bar\Baz::$foo, foo\bar\Baz::foo()
+ - PHP function names like foo\bar\baz()
+
+ Security
+ ========
+ - disable special $smarty variable -
+ The Smarty_Security class has the new property $disabled_special_smarty_vars.
+ It's an array which can be loaded with the $smarty special variable names like
+ 'template_object', 'template', 'current_dir' and others which will be disabled.
+ Note: That this security check is performed at compile time.
+
+ - limit template nesting -
+ Property $max_template_nesting of Smarty_Security does set the maximum template nesting level.
+ The main template is level 1. The nesting level is checked at run time. When the maximum will be exceeded
+ an Exception will be thrown. The default setting is 0 which does disable this check.
+
+ - trusted static methods -
+ The Smarty_Security class has the new property $trusted_static_methods to restrict access to static methods.
+ It's an nested array of trusted class and method names.
+ Format:
+ array (
+ 'class_1' => array('method_1', 'method_2'), // allowed methods
+ 'class_2' => array(), // all methods of class allowed
+ )
+ To disable access for all methods of all classes set $trusted_static_methods = null;
+ The default value is an empty array() which does enables all methods of all classes, but for backward compatibility
+ the setting of $static_classes will be checked.
+ Note: That this security check is performed at compile time.
+
+ - trusted static properties -
+ The Smarty_Security class has the new property $trusted_static_properties to restrict access to static properties.
+ It's an nested array of trusted class and property names.
+ Format:
+ array (
+ 'class_1' => array('prop_1', 'prop_2'), // allowed properties listed
+ 'class_2' => array(), // all properties of class allowed
+ }
+ To disable access for all properties of all classes set $trusted_static_properties = null;
+ The default value is an empty array() which does enables all properties of all classes, but for backward compatibility
+ the setting of $static_classes will be checked.
+ Note: That this security check is performed at compile time.
+
+ - trusted constants .
+ The Smarty_Security class has the new property $trusted_constants to restrict access to constants.
+ It's an array of trusted constant names.
+ Format:
+ array (
+ 'SMARTY_DIR' , // allowed constant
+ }
+ If the array is empty (default) the usage of constants can be controlled with the
+ Smarty_Security::$allow_constants property (default true)
+
+
+
+ Compiled Templates
+ ==================
+ Smarty does now automatically detects a change of the $merge_compiled_includes and $escape_html
+ property and creates different compiled templates files depending on the setting.
+
+ Same applies to config files and the $config_overwrite, $config_booleanize and
+ $config_read_hidden properties.
+
+ Debugging
+ =========
+ The layout of the debug window has been changed for better readability
+
+ New class constants
+ Smarty::DEBUG_OFF
+ Smarty::DEBUG_ON
+ Smarty::DEBUG_INDIVIDUAL
+ have been introduced for setting the $debugging property.
+
+ Smarty::DEBUG_INDIVIDUAL will create for each display() and fetch() call an individual gebug window.
+
+ .
+ \ No newline at end of file