1<?php 2 3/* 4 * This file is part of Twig. 5 * 6 * (c) Fabien Potencier 7 * 8 * For the full copyright and license information, please view the LICENSE 9 * file that was distributed with this source code. 10 */ 11 12namespace Twig\Node; 13 14use Twig\Compiler; 15use Twig\Node\Expression\ConstantExpression; 16 17/** 18 * Adds a check for the __toString() method when the variable is an object and the sandbox is activated. 19 * 20 * When there is a simple Print statement, like {{ article }}, 21 * and if the sandbox is enabled, we need to check that the __toString() 22 * method is allowed if 'article' is an object. 23 * 24 * Not used anymore, to be deprecated in 2.x and removed in 3.0 25 * 26 * @author Fabien Potencier <fabien@symfony.com> 27 */ 28class SandboxedPrintNode extends PrintNode 29{ 30 public function compile(Compiler $compiler) 31 { 32 $compiler 33 ->addDebugInfo($this) 34 ->write('echo ') 35 ; 36 $expr = $this->getNode('expr'); 37 if ($expr instanceof ConstantExpression) { 38 $compiler 39 ->subcompile($expr) 40 ->raw(";\n") 41 ; 42 } else { 43 $compiler 44 ->write('$this->extensions[SandboxExtension::class]->ensureToStringAllowed(') 45 ->subcompile($expr) 46 ->raw(', ') 47 ->repr($expr->getTemplateLine()) 48 ->raw(", \$this->source);\n") 49 ; 50 } 51 } 52} 53 54class_alias('Twig\Node\SandboxedPrintNode', 'Twig_Node_SandboxedPrint'); 55