diff --git a/phpBB/docs/coding-guidelines.html b/phpBB/docs/coding-guidelines.html index ba6db1b39b..a5b3528189 100644 --- a/phpBB/docs/coding-guidelines.html +++ b/phpBB/docs/coding-guidelines.html @@ -1302,24 +1302,6 @@ parent = prosilver <!-- INCLUDE {$SOME_VAR} --> -

PHP

-

The use of PHP in HTML files has been deprected in phpBB 3.3 and will be removed in phpBB 4.0.

-

A contentious decision has seen the ability to include PHP within the template introduced. This is achieved by enclosing the PHP within relevant tags:

- -
-<!-- PHP -->
-	echo "hello!";
-<!-- ENDPHP -->
-
- -

You may also include PHP from an external file using:

- -
-<!-- INCLUDEPHP somefile.php -->
-
- -

it will be included and executed inline.

A note, it is very much encouraged that template designers do not include PHP. The ability to include raw PHP was introduced primarily to allow end users to include banner code, etc. without modifying multiple files (as with 2.0.x). It was not intended for general use ... hence www.phpbb.com will not make available template sets which include PHP. And by default templates will have PHP disabled (the admin will need to specifically activate PHP for a template).

-

Conditionals/Control structures

The most significant addition to 3.x are conditions or control structures, "if something then do this else do that". The system deployed is very similar to Smarty. This may confuse some people at first but it offers great potential and great flexibility with a little imagination. In their most simple form these constructs take the form:

diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index d41a1c010a..ce702da47a 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -428,7 +428,6 @@ class acp_board 'ip_login_limit_max' => array('lang' => 'IP_LOGIN_LIMIT_MAX', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => true), 'ip_login_limit_time' => array('lang' => 'IP_LOGIN_LIMIT_TIME', 'validate' => 'int:0:99999', 'type' => 'number:0:99999', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), 'ip_login_limit_use_forwarded' => array('lang' => 'IP_LOGIN_LIMIT_USE_FORWARDED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int:-1:99999', 'type' => 'number:-1:99999', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']), 'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index d5eb1daf7c..6c168f79b7 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -442,7 +442,6 @@ class phpbb_questionnaire_phpbb_data_provider 'smtp_auth_method' => true, 'smtp_delivery' => true, 'topics_per_page' => true, - 'tpl_allow_php' => true, 'version' => true, 'warnings_expire_days' => true, 'warnings_gc' => true, diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 34faf27334..48926e7b80 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -305,7 +305,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('text_reparser.post INSERT INTO phpbb_config (config_name, config_value) VALUES ('text_reparser.user_signature_cron_interval', '10'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('text_reparser.user_signature_last_cron', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page', '25'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('update_hashes_last_cron', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('update_hashes_lock', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons'); diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 226fdca18e..1ddb30482e 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -538,8 +538,6 @@ $lang = array_merge($lang, array( 'REF_PATH' => 'Also validate path', 'REFERRER_VALID' => 'Validate Referrer', 'REFERRER_VALID_EXPLAIN' => 'If enabled, the referrer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.', - 'TPL_ALLOW_PHP' => 'Allow php in templates', - 'TPL_ALLOW_PHP_EXPLAIN' => 'If this option is enabled, PHP and INCLUDEPHP statements will be recognised and parsed in templates.', )); // Email Settings diff --git a/phpBB/phpbb/db/migration/data/v400/remove_template_php.php b/phpBB/phpbb/db/migration/data/v400/remove_template_php.php new file mode 100644 index 0000000000..527d9c8d2a --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v400/remove_template_php.php @@ -0,0 +1,36 @@ + + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\db\migration\data\v400; + +use phpbb\db\migration\migration; + +class remove_template_php extends migration +{ + public function effectively_installed(): bool + { + return !$this->config->offsetExists('tpl_allow_php'); + } + + public static function depends_on(): array + { + return [ + '\phpbb\db\migration\data\v400\dev', + ]; + } + + public function update_data(): array + { + return [['config.remove', ['tpl_allow_php']]]; + } +} diff --git a/phpBB/phpbb/template/twig/extension.php b/phpBB/phpbb/template/twig/extension.php index 95c710ad7e..6dc3bb2994 100644 --- a/phpBB/phpbb/template/twig/extension.php +++ b/phpBB/phpbb/template/twig/extension.php @@ -63,8 +63,6 @@ class extension extends \Twig\Extension\AbstractExtension new \phpbb\template\twig\tokenparser\includejs, new \phpbb\template\twig\tokenparser\includecss, new \phpbb\template\twig\tokenparser\event($this->environment), - new \phpbb\template\twig\tokenparser\includephp($this->environment), - new \phpbb\template\twig\tokenparser\php($this->environment), ); } diff --git a/phpBB/phpbb/template/twig/lexer.php b/phpBB/phpbb/template/twig/lexer.php index d5ab8e768a..1d07bb2a99 100644 --- a/phpBB/phpbb/template/twig/lexer.php +++ b/phpBB/phpbb/template/twig/lexer.php @@ -34,11 +34,8 @@ class lexer extends \Twig\Lexer 'UNDEFINE',*/ 'ENDDEFINE', 'INCLUDE', - 'INCLUDEPHP', 'INCLUDEJS', 'INCLUDECSS', - 'PHP', - 'ENDPHP', 'EVENT', ); @@ -79,20 +76,17 @@ class lexer extends \Twig\Lexer // Fix tokens that may have inline variables (e.g. "; - - $cache_dir = $phpbb_root_path . 'cache/'; - $fp = fopen($cache_dir . 'includephp_absolute.html', 'w'); - fputs($fp, $template_text); - fclose($fp); - - $this->setup_engine(array('tpl_allow_php' => true)); - - $this->template->set_custom_style('tests', $cache_dir); - - $this->run_template('includephp_absolute.html', array(), array(), array(), "Path is absolute.\ntesting included php"); - - $this->template->set_filenames(array('test' => 'includephp_absolute.html')); - $this->assertEquals("Path is absolute.\ntesting included php", $this->display('test'), "Testing INCLUDEPHP"); - } -} diff --git a/tests/template/subdir/includephp_from_subdir_test.php b/tests/template/subdir/includephp_from_subdir_test.php deleted file mode 100644 index 089914d787..0000000000 --- a/tests/template/subdir/includephp_from_subdir_test.php +++ /dev/null @@ -1,31 +0,0 @@ - -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -require_once __DIR__ . '/../template_test_case.php'; - -class phpbb_template_subdir_includephp_from_subdir_test extends phpbb_template_template_test_case -{ - // Exact copy of test_includephp_relatve from ../includephp_test.php. - // Verifies that relative php inclusion works when including script - // (and thus current working directory) is in a subdirectory of - // board root. - public function test_includephp_relative() - { - $this->setup_engine(array('tpl_allow_php' => true)); - - $this->run_template('includephp_relative.html', array(), array(), array(), "Path is relative to board root.\ntesting included php"); - - $this->template->set_filenames(array('test' => 'includephp_relative.html')); - $this->assertEquals("Path is relative to board root.\ntesting included php", $this->display('test'), "Testing INCLUDEPHP"); - } -} diff --git a/tests/template/template_test.php b/tests/template/template_test.php index b004e3bf08..73f897749f 100644 --- a/tests/template/template_test.php +++ b/tests/template/template_test.php @@ -256,13 +256,6 @@ class phpbb_template_template_test extends phpbb_template_template_test_case . str_repeat("pass\n", 3) . "\n" . str_repeat("pass\n", 2) . "\n"), ), - array( - 'php.html', - array(), - array(), - array(), - '', - ), array( 'include.html', array('VARIABLE' => 'value'), @@ -644,24 +637,6 @@ class phpbb_template_template_test extends phpbb_template_template_test_case $this->assertEquals(array('POSITION' => 'O3M2', 'ONE' => true, 'TWO' => 'two', 'THREE' => 3), $this->template->retrieve_block_vars('outer[2].middle[1]', array()), 'Retrieve all vars from a block in the template'); } - public function test_php() - { - global $phpbb_root_path; - - $template_text = 'echo "test";'; - - $cache_dir = $phpbb_root_path . 'cache/'; - $fp = fopen($cache_dir . 'php.html', 'w'); - fputs($fp, $template_text); - fclose($fp); - - $this->setup_engine(array('tpl_allow_php' => true)); - - $this->template->set_custom_style('tests', $cache_dir); - - $this->run_template('php.html', array(), array(), array(), 'test'); - } - public function alter_block_array_data() { return array( diff --git a/tests/template/template_test_case.php b/tests/template/template_test_case.php index 825de7dbcd..52c76b13a5 100644 --- a/tests/template/template_test_case.php +++ b/tests/template/template_test_case.php @@ -64,7 +64,6 @@ class phpbb_template_template_test_case extends phpbb_test_case { $defaults = array( 'load_tplcompile' => true, - 'tpl_allow_php' => false, ); return $defaults; } diff --git a/tests/template/templates/includephp_relative.html b/tests/template/templates/includephp_relative.html deleted file mode 100644 index 297c9efcb0..0000000000 --- a/tests/template/templates/includephp_relative.html +++ /dev/null @@ -1,2 +0,0 @@ -Path is relative to board root. - diff --git a/tests/template/templates/includephp_variables.html b/tests/template/templates/includephp_variables.html deleted file mode 100644 index 6106efc86a..0000000000 --- a/tests/template/templates/includephp_variables.html +++ /dev/null @@ -1,2 +0,0 @@ -Path includes variables. - diff --git a/tests/template/templates/php.html b/tests/template/templates/php.html deleted file mode 100644 index 07a260cdb3..0000000000 --- a/tests/template/templates/php.html +++ /dev/null @@ -1 +0,0 @@ -echo "test";