From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Tue, 14 Dec 2010 10:36:59 +0000 (+0100)
Subject: fixed filesystem loader compatibility with PHAR files
X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=48ac60e08233051cc35fe21a7eb98594a4485438;p=web%2Fkonrad%2Ftwig.git

fixed filesystem loader compatibility with PHAR files
---

diff --git a/CHANGELOG b/CHANGELOG
index f8ed2c8..dda3a2f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -15,6 +15,7 @@ Backward incompatibilities:
 
 Changes:
 
+ * fixed filesystem loader compatibility with PHAR files
  * enhanced error messages when an unexpected token is parsed in an expression
  * fixed filename not being added to syntax error messages
  * added the autoescape option to enable/disable autoescaping
diff --git a/lib/Twig/Loader/Filesystem.php b/lib/Twig/Loader/Filesystem.php
index 91d8844..e733da4 100644
--- a/lib/Twig/Loader/Filesystem.php
+++ b/lib/Twig/Loader/Filesystem.php
@@ -60,7 +60,7 @@ class Twig_Loader_Filesystem implements Twig_LoaderInterface
                 throw new Twig_Error_Loader(sprintf('The "%s" directory does not exist.', $path));
             }
 
-            $this->paths[] = realpath($path);
+            $this->paths[] = $path;
         }
     }
 
@@ -101,23 +101,25 @@ class Twig_Loader_Filesystem implements Twig_LoaderInterface
 
     protected function findTemplate($name)
     {
+        // normalize name
+        $name = str_replace('\\', '/', $name);
+
+        // remove ./
+        $name = preg_replace('#(^|/)\./(\./)*#', '$1', $name);
+
+        // security check (a name cannot start with ../)
+        if ('..' === substr($name, 0, 2)) {
+            throw new Twig_Error_Loader('Looks like you try to load a template outside configured directories.');
+        }
+
         if (isset($this->cache[$name])) {
             return $this->cache[$name];
         }
 
         foreach ($this->paths as $path) {
-            if (!file_exists($path.DIRECTORY_SEPARATOR.$name) || is_dir($path.DIRECTORY_SEPARATOR.$name)) {
-                continue;
+            if (file_exists($path.DIRECTORY_SEPARATOR.$name) && !is_dir($path.DIRECTORY_SEPARATOR.$name)) {
+                return $this->cache[$name] = $path.DIRECTORY_SEPARATOR.$name;
             }
-
-            $file = realpath($path.DIRECTORY_SEPARATOR.$name);
-
-            // simple security check
-            if (0 !== strpos($file, $path)) {
-                throw new Twig_Error_Loader('Looks like you try to load a template outside configured directories.');
-            }
-
-            return $this->cache[$name] = $file;
         }
 
         throw new Twig_Error_Loader(sprintf('Unable to find template "%s" (looked into: %s).', $name, implode(', ', $this->paths)));