library/smarty/NEW_FEATURES.txt
changeset 0 4869aea77e21
equal deleted inserted replaced
-1:000000000000 0:4869aea77e21
       
     1 
       
     2 
       
     3 This file contains a brief description of new features which have been added to Smarty 3.1
       
     4 
       
     5 Smarty 3.1.22
       
     6 
       
     7     Namespace support within templates
       
     8     ==================================
       
     9     Within templates you can now use namespace specifications on:
       
    10      - Constants                like    foo\bar\FOO
       
    11      - Class names              like    foo\bar\Baz::FOO, foo\bar\Baz::$foo, foo\bar\Baz::foo()
       
    12      - PHP function names       like    foo\bar\baz()
       
    13 
       
    14     Security
       
    15     ========
       
    16     - disable special $smarty variable -
       
    17     The Smarty_Security class has the new property $disabled_special_smarty_vars.
       
    18     It's an array which can be loaded with the $smarty special variable names like
       
    19     'template_object', 'template', 'current_dir' and others which will be disabled.
       
    20     Note: That this security check is performed at compile time.
       
    21 
       
    22     - limit template nesting -
       
    23     Property $max_template_nesting of Smarty_Security does set the maximum template nesting level.
       
    24     The main template is level 1. The nesting level is checked at run time. When the maximum will be exceeded
       
    25     an Exception will be thrown. The default setting is 0 which does disable this check.
       
    26 
       
    27     - trusted static methods -
       
    28    The Smarty_Security class has the new property $trusted_static_methods to restrict access to static methods.
       
    29    It's an nested array of trusted class and method names.
       
    30          Format:
       
    31          array (
       
    32                     'class_1' => array('method_1', 'method_2'), // allowed methods
       
    33                     'class_2' => array(),                       // all methods of class allowed
       
    34                )
       
    35    To disable access for all methods of all classes set $trusted_static_methods = null;
       
    36    The default value is an empty array() which does enables all methods of all classes, but for backward compatibility
       
    37    the setting of $static_classes will be checked.
       
    38    Note: That this security check is performed at compile time.
       
    39 
       
    40     - trusted static properties -
       
    41    The Smarty_Security class has the new property $trusted_static_properties to restrict access to static properties.
       
    42    It's an nested array of trusted class and property names.
       
    43          Format:
       
    44          array (
       
    45                     'class_1' => array('prop_1', 'prop_2'), // allowed properties listed
       
    46                     'class_2' => array(),                   // all properties of class allowed
       
    47                 }
       
    48    To disable access for all properties of all classes set $trusted_static_properties = null;
       
    49    The default value is an empty array() which does enables all properties of all classes, but for backward compatibility
       
    50    the setting of $static_classes will be checked.
       
    51    Note: That this security check is performed at compile time.
       
    52 
       
    53     - trusted constants .
       
    54    The Smarty_Security class has the new property $trusted_constants to restrict access to constants.
       
    55    It's an array of trusted constant names.
       
    56          Format:
       
    57          array (
       
    58                     'SMARTY_DIR' , // allowed constant
       
    59                 }
       
    60    If the array is empty (default) the usage of constants  can be controlled with the
       
    61    Smarty_Security::$allow_constants property (default true)
       
    62 
       
    63 
       
    64 
       
    65     Compiled Templates
       
    66     ==================
       
    67     Smarty does now automatically detects a change of the $merge_compiled_includes and $escape_html
       
    68     property and creates different compiled templates files depending on the setting.
       
    69 
       
    70     Same applies to config files and the $config_overwrite, $config_booleanize and
       
    71     $config_read_hidden properties.
       
    72 
       
    73     Debugging
       
    74     =========
       
    75     The layout of the debug window has been changed for better readability
       
    76     
       
    77     New class constants
       
    78         Smarty::DEBUG_OFF
       
    79         Smarty::DEBUG_ON
       
    80         Smarty::DEBUG_INDIVIDUAL
       
    81     have been introduced for setting the $debugging property.
       
    82 
       
    83     Smarty::DEBUG_INDIVIDUAL will create for each display() and fetch() call an individual gebug window.
       
    84 
       
    85     .
       
    86