PEAK XOOPS - un-well-known(?) usage of Smarty modifier (3)

un-well-known(?) usage of Smarty modifier (3)

Date 2006-07-11 04:52:42 | Category: XOOPS

You should know $smarty->security.
When this setting is on, the feature of "function modifier" will be disabled other than written in $smarty->security_settings['MODIFIER_FUNCS']

In Smarty's code:


     * This enables template security. When enabled, many things are restricted
     * in the templates that normally would go unchecked. This is useful when
     * untrusted parties are editing templates and you want a reasonable level
     * of security. (no direct execution of PHP in templates for example)

I don't think so.
Because you should not allow to edit your templates by "untrusted parties" at all.

I think this limitation is almost non-sense.

You can read more news at PEAK XOOPS.
http://xoops.peak.ne.jp

The URL for this story is:
http://xoops.peak.ne.jp/md/news/index.php?page=article&storyid=134