- prevent undefined var in loop count for tpl lib

Author: Marius Burkard

install/lib/classes/tpl.inc.php

@@ -931,12 +931,17 @@ private function _parseLoop ($varname)
 		{
 			array_push($this->_namespace, $varname);
 			$tempvar = count($this->_namespace) - 1;
-			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
+			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
 			for ($i=0; $i < count($this->_namespace); $i++) {
 				$retstr .= "['".$this->_namespace[$i]."']";
 				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
 			}
-			return $retstr."); \$_".$tempvar."++) {";
+			$retstr .= ") ? count(\$this->_arrvars";
+			for ($i=0; $i < count($this->_namespace); $i++) {
+				$retstr .= "['".$this->_namespace[$i]."']";
+				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
+			}
+			return $retstr.") : 0); \$_".$tempvar."++) {";
 		}
 
 		/**
@@ -1035,7 +1040,7 @@ private function _parseTag ($args)
 			$wholetag = $args[0];
 			$openclose = $args[1];
 			$tag = strtolower($args[2]);
-			
+
 			if ($tag == 'else') return '<?php } else { ?>';
 			if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
 
@@ -1170,7 +1175,15 @@ private function _parse ($compress = '')
 
 			array_push($this->_currentincludedir, dirname($this->_tmplfilename));
 			$this->_includedepth++;
-			$success = @eval($this->_tmplfilep);
+			try {
+				$success = @eval($this->_tmplfilep);
+			} catch(Exception $ex) {
+				print $this->_tmplfilep;
+				throw $ex;
+			} catch(TypeError $ex) {
+				print $this->_tmplfilep;
+				throw $ex;
+			}
 			$this->_includedepth--;
 			array_pop($this->_currentincludedir);
 

install/lib/installer_base.lib.php

@@ -1914,10 +1914,10 @@ public function configure_rspamd() {
 			}
 
 			$tpl->setVar('dkim_path', $mail_config['dkim_path']);
-			$tpl->setVar('rspamd_redis_servers', $mail_config['rspamd_redis_servers']);
-			$tpl->setVar('rspamd_redis_password', $mail_config['rspamd_redis_password']);
-			$tpl->setVar('rspamd_redis_bayes_servers', $mail_config['rspamd_redis_bayes_servers']);
-			$tpl->setVar('rspamd_redis_bayes_password', $mail_config['rspamd_redis_bayes_password']);
+			$tpl->setVar('rspamd_redis_servers', (isset($mail_config['rspamd_redis_servers']) ? $mail_config['rspamd_redis_servers'] : ''));
+			$tpl->setVar('rspamd_redis_password', (isset($mail_config['rspamd_redis_password']) ? $mail_config['rspamd_redis_password'] : ''));
+			$tpl->setVar('rspamd_redis_bayes_servers', (isset($mail_config['rspamd_redis_bayes_servers']) ? $mail_config['rspamd_redis_bayes_servers'] : ''));
+			$tpl->setVar('rspamd_redis_bayes_password', (isset($mail_config['rspamd_redis_bayes_password']) ? $mail_config['rspamd_redis_bayes_password'] : ''));
 			if(count($local_addrs) > 0) {
 				$tpl->setLoop('local_addrs', $local_addrs);
 			}

interface/lib/classes/tpl.inc.php

@@ -233,7 +233,7 @@ public function newTemplate($tmplfile)
 		public function setVar($k, $v = null, $encode = false)
 		{
 			global $app;
-			
+
 			if (is_array($k)) {
 				foreach($k as $key => $value){
 					$key = ($this->OPTIONS['CASELESS']) ? strtolower(trim($key)) : trim($key);
@@ -1079,12 +1079,12 @@ private function _parseIf($varname, $value = null, $op = null, $namespace = null
 		private function _parseHook ($name)
 		{
 			global $app;
-			
+
 			if(!$name) return false;
-			
+
 			$module = isset($_SESSION['s']['module']['name']) ? $_SESSION['s']['module']['name'] : '';
 			$form = isset($app->tform->formDef['name']) ? $app->tform->formDef['name'] : '';
-			
+
 			$events = array();
 			if($module) {
 				$events[] = $module . ':' . ($form ? $form : '') . ':' . $name;
@@ -1093,9 +1093,9 @@ private function _parseHook ($name)
 				$events[] = $name;
 				$events[] = 'on_template_content';
 			}
-			
+
 			$events = array_unique($events);
-			
+
 			for($e = 0; $e < count($events); $e++) {
 				$tmpresult = $app->plugin->raiseEvent($events[$e], array(
 					'name' => $name,
@@ -1104,10 +1104,10 @@ private function _parseHook ($name)
 				), true);
 				if(!$tmpresult) $tmpresult = '';
 				else $tmpresult = $this->_getData($tmpresult, false, true);
-				
+
 				$result .= $tmpresult;
 			}
-			
+
 			return $result;
 		}
 
@@ -1121,12 +1121,17 @@ private function _parseLoop ($varname)
 		{
 			array_push($this->_namespace, $varname);
 			$tempvar = count($this->_namespace) - 1;
-			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
+			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
 			for ($i=0; $i < count($this->_namespace); $i++) {
 				$retstr .= "['".$this->_namespace[$i]."']";
 				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
 			}
-			return $retstr."); \$_".$tempvar."++) {";
+			$retstr .= ") ? count(\$this->_arrvars";
+			for ($i=0; $i < count($this->_namespace); $i++) {
+				$retstr .= "['".$this->_namespace[$i]."']";
+				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
+			}
+			return $retstr.") : 0); \$_".$tempvar."++) {";
 		}
 
 		/**
@@ -1225,7 +1230,7 @@ private function _parseTag ($args)
 			$wholetag = $args[0];
 			$openclose = $args[1];
 			$tag = strtolower($args[2]);
-			
+
 			if ($tag == 'else') return '<?php } else { ?>';
 			if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
 
@@ -1303,10 +1308,10 @@ private function _parseTag ($args)
 				if ($this->OPTIONS['ENABLE_PHPINCLUDE']) {
 					return '<?php include(\''.$file.'\'); ?>';
 				}
-			
+
 			case 'hook':
 				return $this->_parseHook(@$var);
-			
+
 			case 'include':
 				return '<?php $this->_getData($this->_fileSearch(\''.$file.'\'), 1); ?>';
 

server/lib/classes/tpl.inc.php

@@ -1074,18 +1074,18 @@ private function _parseIf($varname, $value = null, $op = null, $namespace = null
 		private function _parseHook ($name)
 		{
 			global $app;
-			
+
 			$namespace = '';
 			if(strpos($name, ':') !== false) list($namespace, $name) = explode(':', $name, 2);
-			
+
 			$result = $app->plugins->raiseAction('on_template_content_hook', array(
 				'name' => $name,
 				'namespace' => $namespace,
 				'vars' => $this->_vars
 			), true);
 			if(!$result) $result = '';
 			else $result = $this->_getData($result, false, true);
-			
+
 			return $result;
 		}
 
@@ -1099,12 +1099,17 @@ private function _parseLoop ($varname)
 		{
 			array_push($this->_namespace, $varname);
 			$tempvar = count($this->_namespace) - 1;
-			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
+			$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < (isset(\$this->_arrvars";
+			for ($i=0; $i < count($this->_namespace); $i++) {
+				$retstr .= "['".$this->_namespace[$i]."']";
+				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
+			}
+			$retstr .= ") ? count(\$this->_arrvars";
 			for ($i=0; $i < count($this->_namespace); $i++) {
 				$retstr .= "['".$this->_namespace[$i]."']";
 				if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
 			}
-			return $retstr."); \$_".$tempvar."++) {";
+			return $retstr.") : 0); \$_".$tempvar."++) {";
 		}
 
 		/**
@@ -1203,7 +1208,7 @@ private function _parseTag ($args)
 			$wholetag = $args[0];
 			$openclose = $args[1];
 			$tag = strtolower($args[2]);
-			
+
 			if ($tag == 'else') return '<?php } else { ?>';
 			if ($tag == 'tmpl_include') return $wholetag; // ignore tmpl_include tags
 
@@ -1281,10 +1286,10 @@ private function _parseTag ($args)
 				if ($this->OPTIONS['ENABLE_PHPINCLUDE']) {
 					return '<?php include(\''.$file.'\'); ?>';
 				}
-			
+
 			case 'hook':
 				return $this->_parseHook(@$var);
-			
+
 			case 'include':
 				return '<?php $this->_getData($this->_fileSearch(\''.$file.'\'), 1); ?>';