update smarty (4.1.1 -> 4.3.0) (add PHP 8.2 support, fixes for PHP 8.1; also fixes #541 where using a Turkish locale broke smarty's autoloader)

2025-08-07 17:42:53 +03:00 · 2022-12-04 19:35:33 +00:00
parent 58e9538e6a
commit b76260d3d3
45 changed files with 514 additions and 285 deletions
--- a/lib/smarty/libs/plugins/function.mailto.php
+++ b/lib/smarty/libs/plugins/function.mailto.php
@@ -48,8 +48,13 @@
 */
 function smarty_function_mailto($params)
 {
-    static $_allowed_encoding =
-        array('javascript' => true, 'javascript_charcode' => true, 'hex' => true, 'none' => true);
+    static $_allowed_encoding = [
+        'javascript' => true,
+        'javascript_charcode' => true,
+        'hex' => true,
+        'none' => true
+    ];
+
    $extra = '';
    if (empty($params[ 'address' ])) {
        trigger_error("mailto: missing 'address' parameter", E_USER_WARNING);
@@ -57,19 +62,19 @@ function smarty_function_mailto($params)
    } else {
        $address = $params[ 'address' ];
    }
+
    $text = $address;
+
    // netscape and mozilla do not decode %40 (@) in BCC field (bug?)
    // so, don't encode it.
-    $search = array('%40', '%2C');
-    $replace = array('@', ',');
-    $mail_parms = array();
+    $mail_parms = [];
    foreach ($params as $var => $value) {
        switch ($var) {
            case 'cc':
            case 'bcc':
            case 'followupto':
                if (!empty($value)) {
-                    $mail_parms[] = $var . '=' . str_replace($search, $replace, rawurlencode($value));
+                    $mail_parms[] = $var . '=' . str_replace(['%40', '%2C'], ['@', ','], rawurlencode($value));
                }
                break;
            case 'subject':
@@ -83,6 +88,7 @@ function smarty_function_mailto($params)
            default:
        }
    }
+
    if ($mail_parms) {
        $address .= '?' . join('&', $mail_parms);
    }
@@ -94,19 +100,21 @@ function smarty_function_mailto($params)
        );
        return;
    }
+
+    $string = '<a href="mailto:' . htmlspecialchars($address, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, Smarty::$_CHARSET) .
+        '" ' . $extra . '>' . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, Smarty::$_CHARSET) . '</a>';
+
    if ($encode === 'javascript') {
-	    $string = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
        $js_encode = '';
        for ($x = 0, $_length = strlen($string); $x < $_length; $x++) {
            $js_encode .= '%' . bin2hex($string[ $x ]);
        }
        return '<script type="text/javascript">document.write(unescape(\'' . $js_encode . '\'))</script>';
    } elseif ($encode === 'javascript_charcode') {
-        $string = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
        for ($x = 0, $_length = strlen($string); $x < $_length; $x++) {
            $ord[] = ord($string[ $x ]);
        }
-	    return '<script type="text/javascript">document.write(String.fromCharCode(' . implode(',', $ord) . '))</script>';
+        return '<script type="text/javascript">document.write(String.fromCharCode(' . implode(',', $ord) . '))</script>';
    } elseif ($encode === 'hex') {
        preg_match('!^(.*)(\?.*)$!', $address, $match);
        if (!empty($match[ 2 ])) {
@@ -129,6 +137,6 @@ function smarty_function_mailto($params)
        return '<a href="' . $mailto . $address_encode . '" ' . $extra . '>' . $text_encode . '</a>';
    } else {
        // no encoding
-        return '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
+        return $string;
    }
 }