From 38ff08489ea4a759c6d40cceb53e40bee53c6478 Mon Sep 17 00:00:00 2001
From: Sam <samerton@users.noreply.github.com>
Date: Sun, 12 Jan 2025 20:22:59 +0000
Subject: [PATCH] feat: set template base directory upon initialisation and
 allow custom smarty security directories

---
 core/classes/Templates/SmartyTemplateBase.php |  8 +++---
 .../Templates/SmartyTemplateEngine.php        | 27 ++++++++++++-------
 core/classes/Templates/TemplateBase.php       |  8 ++++++
 core/classes/Templates/TwigTemplateBase.php   |  4 +--
 core/classes/Templates/TwigTemplateEngine.php |  6 ++---
 custom/panel_templates/Default/template.php   |  2 +-
 custom/templates/DefaultRevamp/template.php   |  2 +-
 7 files changed, 37 insertions(+), 20 deletions(-)

diff --git a/core/classes/Templates/SmartyTemplateBase.php b/core/classes/Templates/SmartyTemplateBase.php
index ac6071ee6a..0a01f17b30 100644
--- a/core/classes/Templates/SmartyTemplateBase.php
+++ b/core/classes/Templates/SmartyTemplateBase.php
@@ -15,12 +15,12 @@ abstract class SmartyTemplateBase extends TemplateBase
      * @param string $version
      * @param string $nameless_version
      * @param string $author
-     * @param bool   $panelTemplate
+     * @param string $dir
      */
-    public function __construct(string $name, string $version, string $nameless_version, string $author, bool $panelTemplate = false)
+    public function __construct(string $name, string $version, string $nameless_version, string $author, string $dir)
     {
-        parent::__construct($name, $version, $nameless_version, $author);
+        $this->_engine = new SmartyTemplateEngine($dir);
 
-        $this->_engine = new SmartyTemplateEngine($name, $panelTemplate);
+        parent::__construct($name, $version, $nameless_version, $author);
     }
 }
diff --git a/core/classes/Templates/SmartyTemplateEngine.php b/core/classes/Templates/SmartyTemplateEngine.php
index 342bfbf690..4a2a32e29e 100644
--- a/core/classes/Templates/SmartyTemplateEngine.php
+++ b/core/classes/Templates/SmartyTemplateEngine.php
@@ -8,14 +8,14 @@
  */
 class SmartyTemplateEngine extends TemplateEngine
 {
+    protected Smarty_Security $_securityPolicy;
     private Smarty $_smarty;
 
     /**
-     * @param  string          $template      Template name to load
-     * @param  bool            $panelTemplate Whether this is a panel template or not
+     * @param  string          $dir Path to template directory
      * @throws SmartyException
      */
-    public function __construct(string $template, bool $panelTemplate = false)
+    public function __construct(string $dir)
     {
         $smarty = new Smarty();
 
@@ -50,17 +50,13 @@ public function __construct(string $template, bool $panelTemplate = false)
         $smarty->enableSecurity($securityPolicy);
 
         $smarty->setCompileDir(ROOT_PATH . '/cache/templates_c');
-
-        if ($panelTemplate) {
-            $smarty->setTemplateDir(ROOT_PATH . '/custom/panel_templates/' . $template);
-        } else {
-            $smarty->setTemplateDir(ROOT_PATH . '/custom/templates/' . $template);
-        }
+        $smarty->setTemplateDir($dir);
 
         if (defined('PHPDEBUGBAR')) {
             DebugBarHelper::getInstance()->addSmartyCollector($smarty);
         }
 
+        $this->_securityPolicy = $securityPolicy;
         $this->_smarty = $smarty;
 
         parent::__construct();
@@ -84,4 +80,17 @@ public function clearCache(): void
     {
         $this->_smarty->clearAllCache();
     }
+
+
+    /**
+     * Add an extra directory to the Smarty security policy
+     *
+     * @param string $dir Directory to add to policy
+     * @return void
+     */
+    public function addSecurityPolicyDirectory(string $dir): void
+    {
+        $this->_securityPolicy->secure_dir = [...$this->_securityPolicy->secure_dir, $dir];
+        $this->_smarty->enableSecurity($this->_securityPolicy);
+    }
 }
diff --git a/core/classes/Templates/TemplateBase.php b/core/classes/Templates/TemplateBase.php
index fd06b41cd0..7fc919efa1 100644
--- a/core/classes/Templates/TemplateBase.php
+++ b/core/classes/Templates/TemplateBase.php
@@ -55,6 +55,14 @@ public function __construct(string $name, string $version, string $nameless_vers
         $this->_version = $version;
         $this->_nameless_version = $nameless_version;
         $this->_author = $author;
+
+        /*
+         * Temporary assignment to Smarty template engine for backwards compatibility for templates which extend TemplateBase
+         * This will be removed in 2.3.0 - breaking change!
+         */
+        if (!isset($this->_engine)) {
+            $this->_engine = new SmartyTemplateEngine(ROOT_PATH . '/custom/templates/' . $name);
+        }
     }
 
     /**
diff --git a/core/classes/Templates/TwigTemplateBase.php b/core/classes/Templates/TwigTemplateBase.php
index e7b9b23cf2..63614179ad 100644
--- a/core/classes/Templates/TwigTemplateBase.php
+++ b/core/classes/Templates/TwigTemplateBase.php
@@ -11,10 +11,10 @@
  */
 abstract class TwigTemplateBase extends TemplateBase
 {
-    public function __construct(string $name, string $version, string $nameless_version, string $author)
+    public function __construct(string $name, string $version, string $nameless_version, string $author, string $dir)
     {
         parent::__construct($name, $version, $nameless_version, $author);
 
-        $this->_engine = new TwigTemplateEngine($name);
+        $this->_engine = new TwigTemplateEngine($dir);
     }
 }
diff --git a/core/classes/Templates/TwigTemplateEngine.php b/core/classes/Templates/TwigTemplateEngine.php
index efb7b96697..e52d9bbbeb 100644
--- a/core/classes/Templates/TwigTemplateEngine.php
+++ b/core/classes/Templates/TwigTemplateEngine.php
@@ -18,11 +18,11 @@ class TwigTemplateEngine extends TemplateEngine
     private Environment $_twig;
 
     /**
-     * @param string $template Template name to load.
+     * @param string $dir Path to template directory
      */
-    public function __construct(string $template)
+    public function __construct(string $dir)
     {
-        $loader = new FilesystemLoader(ROOT_PATH . '/custom/templates/' . $template);
+        $loader = new FilesystemLoader($dir);
         $twig = new Environment($loader, [
             'cache' => ROOT_PATH . '/cache/twig',
         ]);
diff --git a/custom/panel_templates/Default/template.php b/custom/panel_templates/Default/template.php
index 9ebd86d647..0d6ed0e754 100644
--- a/custom/panel_templates/Default/template.php
+++ b/custom/panel_templates/Default/template.php
@@ -28,7 +28,7 @@ public function __construct(Language $language)
                 '2.2.0',  // Template version
                 '2.2.0',  // Nameless version template is made for
                 '<a href="https://coldfiredzn.com" target="_blank">Coldfire</a>',  // Author, you can use HTML here
-                true, // Set to true for panel templates
+                __DIR__, // Specify the path to the template
             );
 
             $this->assets()->include([
diff --git a/custom/templates/DefaultRevamp/template.php b/custom/templates/DefaultRevamp/template.php
index d8df4d667d..03b26a8fb4 100755
--- a/custom/templates/DefaultRevamp/template.php
+++ b/custom/templates/DefaultRevamp/template.php
@@ -33,7 +33,7 @@ public function __construct(Cache $cache, Language $language, User $user, Pages
 
         $template['path'] = (defined('CONFIG_PATH') ? CONFIG_PATH : '') . '/custom/templates/' . $template['name'] . '/';
 
-        parent::__construct($template['name'], $template['version'], $template['nl_version'], $template['author']);
+        parent::__construct($template['name'], $template['version'], $template['nl_version'], $template['author'], __DIR__);
 
         $this->_settings = ROOT_PATH . '/custom/templates/DefaultRevamp/template_settings/settings.php';