<HTML ><HEAD ><TITLE >$security_settings</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Smarty Manual" HREF="index.html"><LINK REL="UP" TITLE="Smarty Class Variables" HREF="api.variables.html"><LINK REL="PREVIOUS" TITLE="$secure_dir" HREF="variable.secure.dir.html"><LINK REL="NEXT" TITLE="$trusted_dir" HREF="variable.trusted.dir.html"><META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=ISO-8859-1"></HEAD ><BODY CLASS="sect1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Smarty Manual</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="variable.secure.dir.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 12. Smarty Class Variables</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="variable.trusted.dir.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="sect1" ><H1 CLASS="sect1" ><A NAME="variable.security.settings" ></A >$security_settings</H1 ><P > These are used to override or specify the security settings when <A HREF="variable.security.html" ><TT CLASS="parameter" ><I >$security</I ></TT ></A > is enabled. These are the possible settings: </P ><P ></P ><UL ><LI ><P > <TT CLASS="constant" >PHP_HANDLING</TT > - boolean. If set to <TT CLASS="constant" >TRUE</TT >, the <A HREF="variable.php.handling.html" ><TT CLASS="parameter" ><I >$php_handling</I ></TT ></A > setting is not checked for security. </P ></LI ><LI ><P > <TT CLASS="constant" >IF_FUNCS</TT > - array. The names of permitted PHP functions in <A HREF="language.function.if.html" ><TT CLASS="varname" >{if}</TT ></A > statements. </P ></LI ><LI ><P > <TT CLASS="constant" >INCLUDE_ANY</TT > - boolean. If set to <TT CLASS="constant" >TRUE</TT >, any template can be <A HREF="language.function.include.html" >included</A > from the file system, regardless of the <A HREF="variable.secure.dir.html" ><TT CLASS="parameter" ><I >$secure_dir</I ></TT ></A > list. </P ></LI ><LI ><P > <TT CLASS="constant" >PHP_TAGS</TT > - boolean. If set to <TT CLASS="constant" >TRUE</TT >, <A HREF="language.function.php.html" ><TT CLASS="varname" >{php}{/php}</TT ></A > tags are permitted in the templates. </P ></LI ><LI ><P > <TT CLASS="constant" >MODIFIER_FUNCS</TT > - array. The names of permitted PHP functions that can be used as variable modifiers. </P ></LI ><LI ><P > <TT CLASS="constant" >ALLOW_CONSTANTS</TT > - boolean. If set to <TT CLASS="constant" >TRUE</TT >, constants via <A HREF="language.variables.smarty.html#language.variables.smarty.const" ><TT CLASS="parameter" ><I >{$smarty.const.FOO}</I ></TT ></A > are allowed in the templates. </P ></LI ></UL ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="variable.secure.dir.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="variable.trusted.dir.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >$secure_dir</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="api.variables.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >$trusted_dir</TD ></TR ></TABLE ></DIV ></BODY ></HTML >