XOOPS 2.5.6  Final
 All Classes Namespaces Files Functions Variables Pages
core.is_secure.php
Go to the documentation of this file.
1 <?php
16 // $resource_type, $resource_name
17 
18 function smarty_core_is_secure($params, &$smarty)
19 {
20  if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
21  return true;
22  }
23 
24  if ($params['resource_type'] == 'file') {
25  $_rp = realpath($params['resource_name']);
26  if (isset($params['resource_base_path'])) {
27  foreach ((array)$params['resource_base_path'] as $curr_dir) {
28  if ( ($_cd = realpath($curr_dir)) !== false &&
29  strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
30  substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
31  return true;
32  }
33  }
34  }
35  if (!empty($smarty->secure_dir)) {
36  foreach ((array)$smarty->secure_dir as $curr_dir) {
37  if ( ($_cd = realpath($curr_dir)) !== false) {
38  if($_cd == $_rp) {
39  return true;
40  } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
41  substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
42  return true;
43  }
44  }
45  }
46  }
47  } else {
48  // resource is not on local file system
49  return call_user_func_array(
50  $smarty->_plugins['resource'][$params['resource_type']][0][2],
51  array($params['resource_name'], &$smarty));
52  }
53 
54  return false;
55 }
56 
57 /* vim: set expandtab: */
58 
59 ?>