- bugfix uppercase TRUE, FALSE and NULL did not work when security wa…

…s enabled #282
smarty-php · Sep 6, 2016 · e5bbc05 · e5bbc05
1 parent e82f966
commit e5bbc05
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 2 deletions.
diff --git a/change_log.txt b/change_log.txt
@@ -1,6 +1,7 @@
 ===== 3.1.31-dev ===== (xx.xx.xx)
  07.09.2016
   - bugfix using nocache like attribute with value true like {plugin nocache=true} did not work https://github.com/smarty-php/smarty/issues/285
+  - bugfix uppercase TRUE, FALSE and NULL did not work when security was enabled https://github.com/smarty-php/smarty/issues/282
 
  01.09.2016
   - performance require_once should be called only once for shared plugins https://github.com/smarty-php/smarty/issues/280

diff --git a/libs/Smarty.class.php b/libs/Smarty.class.php
@@ -114,7 +114,7 @@ class Smarty extends Smarty_Internal_TemplateBase
     /**
      * smarty version
      */
-    const SMARTY_VERSION = '3.1.31-dev/9';
+    const SMARTY_VERSION = '3.1.31-dev/10';
 
     /**
      * define variable scopes

diff --git a/libs/sysplugins/smarty_security.php b/libs/sysplugins/smarty_security.php
@@ -472,7 +472,7 @@ public function isTrustedConstant($const, $compiler)
             return true;
         }
         if (!empty($this->trusted_constants)) {
-            if (!in_array($const, $this->trusted_constants)) {
+            if (!in_array(strtolower($const), $this->trusted_constants)) {
                 $compiler->trigger_template_error("Security: access to constant '{$const}' not permitted");
                 return false;
             }