From c7142db6400cef0ba529373107b7e303b9da21ad Mon Sep 17 00:00:00 2001
From: Chi <Chi@556138.no-reply.drupal.org>
Date: Mon, 27 Jun 2016 16:22:13 +0000
Subject: [PATCH] Issue #2743775 by sylus: Make risks of php feature more
 obvious and harder to use

---
 src/TwigExtension.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/TwigExtension.php b/src/TwigExtension.php
index 2032e9e..3aff425 100644
--- a/src/TwigExtension.php
+++ b/src/TwigExtension.php
@@ -5,6 +5,7 @@ namespace Drupal\twig_tweak;
 use Drupal\Core\Config\ConfigFactoryInterface;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Routing\RouteMatchInterface;
+use Drupal\Core\Site\Settings;
 use Drupal\Core\Utility\Token;
 
 /**
@@ -76,11 +77,15 @@ class TwigExtension extends \Twig_Extension {
    * {@inheritdoc}
    */
   public function getFilters() {
-    return [
-      new \Twig_SimpleFilter('php', [$this, 'phpFilter']),
+    $filters = [
       new \Twig_SimpleFilter('token_replace', [$this, 'tokenReplaceFilter']),
       new \Twig_SimpleFilter('preg_replace', [$this, 'pregPeplaceFilter']),
     ];
+    // PHP filter should be enabled in settings.php file.
+    if (Settings::get('twig_tweak_enable_php_filter')) {
+      $filters[] = new \Twig_SimpleFilter('php', [$this, 'phpFilter']);
+    }
+    return $filters;
   }
 
   /**