smarty完全中文手册
目录搜索
Smarty模板编译引擎I.开始第一章. 什么是Smarty?第二章. 安装要求基本安装扩展设置II.模板设计者篇第三章.基本语法注释函数属性第四章.变量从PHP分配的变量Associative arraysArray indexesObjects从配置文件读取的变量{$smarty}保留变量Request variables{$smarty.now}{$smarty.const}{$smarty.capture}{$smarty.config}{$smarty.section}{$smarty.template}第五章.变量调节器capitalizecount_characterscatcount_paragraphscount_sentencescount_wordsdate_formatdefaultescapeindentlowernl2brregex_replacereplacespacifystring_formatstripstrip_tagstruncateupperwordwrap第六章.组合修改器第七章.内建函数captureconfig_loadforeachincludeinclude_phpinsertifldelimliteralphpsectionindexindex_previndex_nextiterationfirstlastrownumloopshowtotalstrip第八章.自定义函数assigncountercycledebugevalfetchhtml_checkboxeshtml_imagehtml_optionshtml_radioshtml_select_datehtml_select_timehtml_tablemathmailtopopup_initpopuptextformat第九章.配置文件第十章.调试控制台III.模板程序员篇第十一章 常量SMARTY_DIR第十二章 变量$template_dir$compile_dir$config_dir$plugins_dir$debugging$debug_tpl$debugging_ctrl$global_assign$undefined$autoload_filters$compile_check$force_compile$caching$cache_dir$cache_lifetime$cache_handler_func$cache_modified_check$config_overwrite$config_booleanize$config_read_hidden$config_fix_newlines$default_template_handler_func$php_handling$security$secure_dir$security_settings$trusted_dir$left_delimiter$right_delimiter$compiler_class$request_vars_order$compile_id$use_sub_dirs$default_modifiers$default_resource_type第十三章.方法appendappend_by_refassignassign_by_refclear_all_assignclear_all_cacheclear_assignclear_cacheclear_compiled_tplclear_configconfig_loaddisplayfetchget_config_varsget_registered_objectget_template_varsis_cachedload_filterregister_blockregister_compiler_functionregister_functionregister_modifierregister_objectregister_outputfilterregister_postfilterregister_prefilterregister_resourcetrigger_errortemplate_existsunregister_blockunregister_compiler_functionunregister_functionunregister_modifierunregister_objectunregister_outputfilterunregister_postfilterunregister_prefilterunregister_resource第十四章.缓存Setting Up CachingMultiple Caches Per PageCache GroupsControlling Cacheability of Plugins' Output第十五章.高级特点ObjectsPrefiltersPostfiltersOutput FiltersCache Handler FunctionResourcesTemplates from $template_dirTemplates from any directoryTemplates from other sourcesDefault template handler function第十六章.以插件扩展SmartyHow Plugins WorkNaming ConventionsWriting PluginsTemplate FunctionsModifiersBlock FunctionsCompiler FunctionsPrefilters/PostfiltersOutput FiltersResourcesInsertsⅣ.高级特点第十七章.疑难解答Smarty/PHP errors第18章.使用技巧和经验Blank Variable HandlingDefault Variable HandlingPassing variable title to header templateDatesWAP/WMLComponentized TemplatesObfuscating E-mail Addresses第十九章. 相关资源第二十章. 漏洞

©
本文档使用 php.cn手册 发布

文字

$security
安全变量

$security true/false, default is false. Security is good for situations when you have untrusted parties editing the templates (via ftp for example) and you want to reduce the risk of system security compromises through the template language. Turning on security enforces the following rules to the template language, unless specifially overridden with $security_settings:
安全变量要么是真,要么是假.默认为假.当你不信任模板中的可编辑部分(例如通过ftp方式上传编辑的),并想通过模板语言减小系统非安全的风险时,安全变量设为真比较适合.设为真会将下面的规则强加于模板语言中,除非特别地用$security_settings覆盖.

  • If $php_handling is set to SMARTY_PHP_ALLOW, this is implicitly changed to SMARTY_PHP_PASSTHRU
    如果变量$php_handling设为了SMARTY_PHP_ALLOW,则会隐式地被修改成SMARTY_PHP_PASSTHRU

  • PHP functions are not allowed in IF statements, except those specified in the $security_settings
    PHP函数在IF语句中是不允许的,除了在$security_settings中另行指出.

  • templates can only be included from directories listed in the $secure_dir array
    模板仅可以包含于$secure_dir数组列出的目录中.

  • local files can only be fetched from directories listed in the $secure_dir array using {fetch}
    本地文件仅可以用{fetch}获取于$secure_dir数组列出的目录中.

  • {php}{/php} tags are not allowed
    不允许有{php}{/php}标记.

  • PHP functions are not allowed as modifiers, except those specified in the $security_settings
    PHP函数不允许作为修正器,除了在$security_settings中指出.

上一篇:下一篇: