From 48ac60e08233051cc35fe21a7eb98594a4485438 Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Tue, 14 Dec 2010 11:36:59 +0100
Subject: [PATCH] fixed filesystem loader compatibility with PHAR files

---
 CHANGELOG                      |    1 +
 lib/Twig/Loader/Filesystem.php |   26 ++++++++++++++------------
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index f8ed2c8..dda3a2f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -15,6 +15,7 @@ Backward incompatibilities:
 
 Changes:
 
+ * fixed filesystem loader compatibility with PHAR files
  * enhanced error messages when an unexpected token is parsed in an expression
  * fixed filename not being added to syntax error messages
  * added the autoescape option to enable/disable autoescaping
diff --git a/lib/Twig/Loader/Filesystem.php b/lib/Twig/Loader/Filesystem.php
index 91d8844..e733da4 100644
--- a/lib/Twig/Loader/Filesystem.php
+++ b/lib/Twig/Loader/Filesystem.php
@@ -60,7 +60,7 @@ class Twig_Loader_Filesystem implements Twig_LoaderInterface
                 throw new Twig_Error_Loader(sprintf('The "%s" directory does not exist.', $path));
             }
 
-            $this->paths[] = realpath($path);
+            $this->paths[] = $path;
         }
     }
 
@@ -101,23 +101,25 @@ class Twig_Loader_Filesystem implements Twig_LoaderInterface
 
     protected function findTemplate($name)
     {
+        // normalize name
+        $name = str_replace('\\', '/', $name);
+
+        // remove ./
+        $name = preg_replace('#(^|/)\./(\./)*#', '$1', $name);
+
+        // security check (a name cannot start with ../)
+        if ('..' === substr($name, 0, 2)) {
+            throw new Twig_Error_Loader('Looks like you try to load a template outside configured directories.');
+        }
+
         if (isset($this->cache[$name])) {
             return $this->cache[$name];
         }
 
         foreach ($this->paths as $path) {
-            if (!file_exists($path.DIRECTORY_SEPARATOR.$name) || is_dir($path.DIRECTORY_SEPARATOR.$name)) {
-                continue;
+            if (file_exists($path.DIRECTORY_SEPARATOR.$name) && !is_dir($path.DIRECTORY_SEPARATOR.$name)) {
+                return $this->cache[$name] = $path.DIRECTORY_SEPARATOR.$name;
             }
-
-            $file = realpath($path.DIRECTORY_SEPARATOR.$name);
-
-            // simple security check
-            if (0 !== strpos($file, $path)) {
-                throw new Twig_Error_Loader('Looks like you try to load a template outside configured directories.');
-            }
-
-            return $this->cache[$name] = $file;
         }
 
         throw new Twig_Error_Loader(sprintf('Unable to find template "%s" (looked into: %s).', $name, implode(', ', $this->paths)));
-- 
1.7.2.5