2024-06-20 14:10:42 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This file is part of Twig.
|
|
|
|
*
|
|
|
|
* (c) Fabien Potencier
|
|
|
|
*
|
|
|
|
* For the full copyright and license information, please view the LICENSE
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace Twig\Node;
|
|
|
|
|
|
|
|
use Twig\Attribute\YieldReady;
|
|
|
|
use Twig\Compiler;
|
|
|
|
use Twig\Node\Expression\AbstractExpression;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks if casting an expression to __toString() is allowed by the sandbox.
|
|
|
|
*
|
|
|
|
* For instance, when there is a simple Print statement, like {{ article }},
|
|
|
|
* and if the sandbox is enabled, we need to check that the __toString()
|
|
|
|
* method is allowed if 'article' is an object. The same goes for {{ article|upper }}
|
|
|
|
* or {{ random(article) }}
|
|
|
|
*
|
|
|
|
* @author Fabien Potencier <fabien@symfony.com>
|
|
|
|
*/
|
|
|
|
#[YieldReady]
|
|
|
|
class CheckToStringNode extends AbstractExpression
|
|
|
|
{
|
|
|
|
public function __construct(AbstractExpression $expr)
|
|
|
|
{
|
2025-01-13 09:56:01 +00:00
|
|
|
parent::__construct(['expr' => $expr], [], $expr->getTemplateLine());
|
2024-06-20 14:10:42 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function compile(Compiler $compiler): void
|
|
|
|
{
|
|
|
|
$expr = $this->getNode('expr');
|
|
|
|
$compiler
|
|
|
|
->raw('$this->sandbox->ensureToStringAllowed(')
|
|
|
|
->subcompile($expr)
|
|
|
|
->raw(', ')
|
|
|
|
->repr($expr->getTemplateLine())
|
|
|
|
->raw(', $this->source)')
|
|
|
|
;
|
|
|
|
}
|
|
|
|
}
|