diff -r 56308e61381c -r 846026b8422b Twig-1.3.0/lib/Twig/NodeVisitor/Sandbox.php
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Twig-1.3.0/lib/Twig/NodeVisitor/Sandbox.php	Wed Oct 26 21:44:35 2011 +0200
@@ -0,0 +1,93 @@
+<?php
+
+/*
+ * This file is part of Twig.
+ *
+ * (c) 2009 Fabien Potencier
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Twig_NodeVisitor_Sandbox implements sandboxing.
+ *
+ * @package    twig
+ * @author     Fabien Potencier <fabien@symfony.com>
+ */
+class Twig_NodeVisitor_Sandbox implements Twig_NodeVisitorInterface
+{
+    protected $inAModule = false;
+    protected $tags;
+    protected $filters;
+    protected $functions;
+
+    /**
+     * Called before child nodes are visited.
+     *
+     * @param Twig_NodeInterface $node The node to visit
+     * @param Twig_Environment   $env  The Twig environment instance
+     *
+     * @param Twig_NodeInterface The modified node
+     */
+    public function enterNode(Twig_NodeInterface $node, Twig_Environment $env)
+    {
+        if ($node instanceof Twig_Node_Module) {
+            $this->inAModule = true;
+            $this->tags = array();
+            $this->filters = array();
+            $this->functions = array();
+
+            return $node;
+        } elseif ($this->inAModule) {
+            // look for tags
+            if ($node->getNodeTag()) {
+                $this->tags[] = $node->getNodeTag();
+            }
+
+            // look for filters
+            if ($node instanceof Twig_Node_Expression_Filter) {
+                $this->filters[] = $node->getNode('filter')->getAttribute('value');
+            }
+
+            // look for functions
+            if ($node instanceof Twig_Node_Expression_Function) {
+                $this->functions[] = $node->getAttribute('name');
+            }
+
+            // wrap print to check __toString() calls
+            if ($node instanceof Twig_Node_Print) {
+                return new Twig_Node_SandboxedPrint($node->getNode('expr'), $node->getLine(), $node->getNodeTag());
+            }
+        }
+
+        return $node;
+    }
+
+    /**
+     * Called after child nodes are visited.
+     *
+     * @param Twig_NodeInterface $node The node to visit
+     * @param Twig_Environment   $env  The Twig environment instance
+     *
+     * @param Twig_NodeInterface The modified node
+     */
+    public function leaveNode(Twig_NodeInterface $node, Twig_Environment $env)
+    {
+        if ($node instanceof Twig_Node_Module) {
+            $this->inAModule = false;
+
+            return new Twig_Node_SandboxedModule($node, array_unique($this->filters), array_unique($this->tags), array_unique($this->functions));
+        }
+
+        return $node;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getPriority()
+    {
+        return 0;
+    }
+}