1 <?php

     2 

     3 /*

     4  * This file is part of Twig.

     5  *

     6  * (c) 2009 Fabien Potencier

     7  *

     8  * For the full copyright and license information, please view the LICENSE

     9  * file that was distributed with this source code.

    10  */

    11 

    12 /**

    13  * Twig_NodeVisitor_Sandbox implements sandboxing.

    14  *

    15  * @package    twig

    16  * @author     Fabien Potencier <fabien@symfony.com>

    17  */

    18 class Twig_NodeVisitor_Sandbox implements Twig_NodeVisitorInterface

    19 {

    20     protected $inAModule = false;

    21     protected $tags;

    22     protected $filters;

    23     protected $functions;

    24 

    25     /**

    26      * Called before child nodes are visited.

    27      *

    28      * @param Twig_NodeInterface $node The node to visit

    29      * @param Twig_Environment   $env  The Twig environment instance

    30      *

    31      * @param Twig_NodeInterface The modified node

    32      */

    33     public function enterNode(Twig_NodeInterface $node, Twig_Environment $env)

    34     {

    35         if ($node instanceof Twig_Node_Module) {

    36             $this->inAModule = true;

    37             $this->tags = array();

    38             $this->filters = array();

    39             $this->functions = array();

    40 

    41             return $node;

    42         } elseif ($this->inAModule) {

    43             // look for tags

    44             if ($node->getNodeTag()) {

    45                 $this->tags[] = $node->getNodeTag();

    46             }

    47 

    48             // look for filters

    49             if ($node instanceof Twig_Node_Expression_Filter) {

    50                 $this->filters[] = $node->getNode('filter')->getAttribute('value');

    51             }

    52 

    53             // look for functions

    54             if ($node instanceof Twig_Node_Expression_Function) {

    55                 $this->functions[] = $node->getAttribute('name');

    56             }

    57 

    58             // wrap print to check __toString() calls

    59             if ($node instanceof Twig_Node_Print) {

    60                 return new Twig_Node_SandboxedPrint($node->getNode('expr'), $node->getLine(), $node->getNodeTag());

    61             }

    62         }

    63 

    64         return $node;

    65     }

    66 

    67     /**

    68      * Called after child nodes are visited.

    69      *

    70      * @param Twig_NodeInterface $node The node to visit

    71      * @param Twig_Environment   $env  The Twig environment instance

    72      *

    73      * @param Twig_NodeInterface The modified node

    74      */

    75     public function leaveNode(Twig_NodeInterface $node, Twig_Environment $env)

    76     {

    77         if ($node instanceof Twig_Node_Module) {

    78             $this->inAModule = false;

    79 

    80             return new Twig_Node_SandboxedModule($node, array_unique($this->filters), array_unique($this->tags), array_unique($this->functions));

    81         }

    82 

    83         return $node;

    84     }

    85 

    86     /**

    87      * {@inheritdoc}

    88      */

    89     public function getPriority()

    90     {

    91         return 0;

    92     }

    93 }