allow php class_exists in smarty security and better 0ffd02c

Rferences #245

include/functions_entries_admin.inc.php

@@ -147,7 +147,6 @@ function serendipity_printEntryForm($targetURL, $hiddens = array(), $entry = arr
     serendipity_smarty_init();
     $serendipity['smarty']->registerPlugin('modifier', 'emit_htmlarea_code', 'serendipity_emit_htmlarea_code');
     $serendipity['smarty']->assign('admin_view', 'entryform');
-    $serendipity['smarty']->assign('has_freetag', class_exists('serendipity_event_freetag'));
     serendipity_plugin_api::hook_event('backend_entryform_smarty', $template_vars);
     $serendipity['smarty']->assignByRef('entry_vars', $template_vars);
     return serendipity_smarty_show($template_vars['entry_template']);

include/serendipity_smarty_class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// serendipity_smarty_class.inc.php lm 2014-11-02 Ian
+// serendipity_smarty_class.inc.php lm 2014-12-10 Ian
 
 // define secure_dir and trusted_dirs for Serendipity_Smarty_Security_Policy class.
 @define('S9Y_TEMPLATE_FALLBACK',    $serendipity['serendipityPath'] . $serendipity['templatePath'] . 'default');
@@ -12,7 +12,7 @@
 class Serendipity_Smarty_Security_Policy extends Smarty_Security 
   { 
     // these are the allowed functions only. - default as is
-    public $php_functions = array('isset', 'empty', 'count', 'sizeof', 'in_array', 'is_array', 'time', 'nl2br');
+    public $php_functions = array('isset', 'empty', 'count', 'sizeof', 'in_array', 'is_array', 'time', 'nl2br', 'class_exists');
     // to disable all PHP functions
     #public $php_functions = null;
 

templates/2k11/admin/entries.tpl

@@ -72,7 +72,7 @@
     <div id="edit_entry_submit">
         <button id="reset_timestamp" class="button_link" type="button" href="#serendipityNewTimestamp" data-currtime="{$entry_vars.reset_timestamp|@formatTime:'o-m-d\TH:i':true:false:true}" title="{$CONST.RESET_DATE_DESC}"><span class="icon-clock"></span><span class="visuallyhidden"> {$CONST.RESET_DATE}</span></button>
         <a id="select_category" class="button_link icon_link" href="#edit_entry_category" title="{$CONST.CATEGORY}"><span class="icon-list-bullet"></span><span class="visuallyhidden">{$CONST.CATEGORIES}</span></a>
-    {if $has_freetag}
+    {if class_exists('serendipity_event_freetag')}
         <a id="select_tags" class="button_link icon_link" href="#edit_entry_freetags" title="{$CONST.PLUGIN_EVENT_FREETAG_MANAGETAGS}"><span class="icon-tag"></span><span class="visuallyhidden">{$CONST.PLUGIN_EVENT_FREETAG_MANAGETAGS}</span></a>
     {/if}
         <button id="switch_entry_status" class="button_link" type="button" href="#edit_entry_status" title="{if $entry_vars.draft_mode == 'publish'}{$CONST.PUBLISH}{else}{$CONST.DRAFT}{/if}" data-title-alt="{if $entry_vars.draft_mode == 'publish'}{$CONST.DRAFT}{else}{$CONST.PUBLISH}{/if}">{if $entry_vars.draft_mode == 'publish'}<span class="icon-toggle-on"></span><span class="visuallyhidden"> {$CONST.PUBLISH}</span>{else}<span class="icon-toggle-off"></span><span class="visuallyhidden"> {$CONST.DRAFT}</span>{/if}</button>