[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SF.net SVN: ledger-smb: [1030] branches/1.2-experimental/LedgerSMB/Template .pm

Revision: 1030
          http://svn.sourceforge.net/ledger-smb/?rev=1030&view=rev
Author:   einhverfr
Date:     2007-04-04 13:38:06 -0700 (Wed, 04 Apr 2007)

Log Message:
-----------
Updated Template.pm so that the constructor is parameterized and we are doing proper directory transversal checks.  Work needs to be done for many things before this is really ready for 1.3 though

Modified Paths:
--------------
    branches/1.2-experimental/LedgerSMB/Template.pm

Modified: branches/1.2-experimental/LedgerSMB/Template.pm
===================================================================
--- branches/1.2-experimental/LedgerSMB/Template.pm	2007-04-04 20:15:17 UTC (rev 1029)
+++ branches/1.2-experimental/LedgerSMB/Template.pm	2007-04-04 20:38:06 UTC (rev 1030)
@@ -29,18 +29,38 @@
 sub new {
 	my $class = shift;
 	my $self = {};
-	$self->{myconfig} = shift;
-	$self->{template} = shift;
-	$self->{format} = shift;
-	$self->{language} = shift;
+	my %args = @_;
+
+	$self->{myconfig} = $args{user};
+	$self->{template} = $args{template};
+	$self->{format} = $args{format};
+	$self->{language} = $args{language};
 	$self->{output} = '';
+	$self->{include_path} = $args{path};
+
 	bless $self, $class;
+
+	if (!$self->{include_path}){
+		$self->{include_path} = $self->{'myconfig'}->{'templates'};
+		if (defined $self->{language}){
+			if (!$self->valid_language){
+				# TODO:  Throw errors or something.
+				return undef;
+			}
+			$self->{include_path} = "$self->{'include_path'}"
+					."/$self->{language}"
+					.";$self->{'include_path'}"
+		}
+	}
+
 	return $self;
 }
 
 sub valid_language {
 	my $self = shift;
-	# XXX Actually perform validity checks
+	if ($self->{language} =~ m#(/|\\|:|\.\.|^\.)#){
+		return 0;
+	}
 	return 1;
 }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.