Smarty allow_php_tag reports 'Undefined property: Smarty::$allow_php_tag'

Question

So I have an old website which uses an older version of smarty, as today I wanted to upgrade to latest version, and it hit's me with an error:

[Fri Aug 19 11:21:19 2011] [error] [client ***.***.***.***] PHP Notice:  Undefined property: Smarty::$allow_php_tag in /work/smarty3.1rc1/Smarty.class.php on line 592
[Fri Aug 19 11:21:19 2011] [error] [client ***.***.***.***] PHP Fatal error:  Uncaught exception 'SmartyCompilerException' with message 'Syntax Error in template "/work/templates/modules/main_module.tpl"  on line 2 "{php}" unknown tag "php"' in /work/smarty3.1rc1/sysplugins/smarty_internal_templatecompilerbase.php:596
Stack trace:
    #0 /work/smarty3.1rc1/sysplugins/smarty_internal_templatecompilerbase.php(382): Smarty_Internal_TemplateCompilerBase->trigger_template_error('unknown tag "ph...', 2)
    #1 /work/smarty3.1rc1/sysplugins/smarty_internal_templateparser.php(2383): Smarty_Internal_TemplateCompilerBase->compileTag('php', Array)
    #2 /work/smarty3.1rc1/sysplugins/smarty_internal_templateparser.php(2865): Smarty_Internal_Templateparser->yy_r38()
    #3 /work/smarty3.1rc1/sysplugins/smarty_internal_templateparser.php(2965): Smarty_Internal_Templateparser->yy_reduce(38)
    #4 in /work/smarty3.1rc1/sysplugins/smarty_internal_templatecompilerbase.php on line 596

Even if I put Smarty 3.0.8 I get same errors ... Since the website if full of {php} tags, removing is not an option. What can I do?

Ok, as following @Pekka's instructions i found out about Smarty Security Next problem:

$my_security_policy = new Smarty_Security($smarty);
$my_security_policy->allow_php_tag = true;
$my_security_policy->php_functions = array();
$my_security_policy->php_handling = Smarty::PHP_PASSTHRU;
$my_security_policy->php_modifier = array();
$my_security_policy->modifiers = array();

$smarty->enableSecurity($my_security_policy);

shouts:

[Fri Aug 19 12:06:40 2011] [error] [client ***.***.***.***] PHP Fatal error:  Uncaught exception 'SmartyCompilerException' with message 'Syntax Error in template .....' modifier 'strtolower' not allowed by security setting'

what's wrong now ... $my_security_policy->php_functions = array(); allows all php functions ..

Can you show the line in the template that calls `strtolower()`? — Pekka, Aug 19 '11 at 10:03
nevermind, I belive the new way functions are handled in new Smarty simply sucks, as I will never be able to upgrade to new Smarty as Every template hit's me with an error, errors like: Unexpected '>', Function ``ucwords`` not allowed. It is too much work. I'm really dissapointed. The site has about 150 templates, and around 50 modules (also in .tpl files). Thank anyway — Mihai Iorga, Aug 19 '11 at 10:09
okay and you're welcome - but the error message `modifier 'strtolower' not allowed by security setting` might suggest that the behaviour can be changed using some setting. Which one, I don't know though — Pekka, Aug 19 '11 at 10:19
One of your settings appears to be wrong `$my_security_policy->php_modifier = array();` should be `$my_security_policy->php_modifiers = array();`. Note the plural 's' at the end of php_modifiers. — Simon, Mar 16 '12 at 21:18

score 2 · Accepted Answer · answered Aug 19 '11 at 08:38

2

According to the docs, allow_php_tag is now a property of the Smarty_Security class, not Smarty. See the page for an example how to use it.

I don't know when this changed, but it's probable it's a new V3 feature. And a nice one at that!

answered Aug 19 '11 at 08:38

Pekka

442,112
142
972
1,088

Only when upgrading from 3.08 to 3.1 has this been a issue here. – John Magnolia Mar 29 '12 at 15:03

Smarty allow_php_tag reports 'Undefined property: Smarty::$allow_php_tag'

1 Answers1