From 59211ce36e528440b11a4514a1a3e4b727fdd01a Mon Sep 17 00:00:00 2001
From: Garvin Hicking <blog@garv.in>
Date: Wed, 21 Dec 2011 17:21:05 +0100
Subject: [PATCH] Magic __set method to react to
 $serendipity['smarty']->security = false; which is the documented way in a
 template's config.inc.php to disable security in past s9y versions

---
 include/serendipity_smarty_class.inc.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/include/serendipity_smarty_class.inc.php b/include/serendipity_smarty_class.inc.php
index 8ac8bfc8..9ece7f26 100644
--- a/include/serendipity_smarty_class.inc.php
+++ b/include/serendipity_smarty_class.inc.php
@@ -47,6 +47,19 @@ class Serendipity_Smarty extends Smarty
     // bc mode for plugins Smarty2 compat INCLUDE_ANY fetch() calls - to avoid an undefinied property error.
     public $security_settings = false;
     
+    
+    public function __set($name, $value) {
+        if ($name == 'security') {
+            if ($value) {
+                $this->enableSecurity('Serendipity_Smarty_Security_Policy');
+            } else {
+                $this->disableSecurity();
+            }    
+        } else {
+            parent::__set($name, $value);
+        }
+    }
+    
     /**
      * It is often helpful to access the Smarty object from anywhere in your code, e.g in Plugins.
      * Enables the Smarty object by instance always. The singleton pattern ensures that there is only one instance of the object available.