9
* determines if a resource is secure or not.
11
* @param string $resource_type
12
* @param string $resource_name
16
// $resource_type, $resource_name
18
function smarty_core_is_secure($params, &$smarty)
20
if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
24
if ($params['resource_type'] == 'file') {
25
$_rp = realpath($params['resource_name']);
26
if (isset($params['resource_base_path'])) {
27
foreach ((array)$params['resource_base_path'] as $curr_dir) {
28
if ( ($_cd = realpath($curr_dir)) !== false &&
29
strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
30
substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
35
if (!empty($smarty->secure_dir)) {
36
foreach ((array)$smarty->secure_dir as $curr_dir) {
37
if ( ($_cd = realpath($curr_dir)) !== false) {
40
} elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
41
substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
48
// resource is not on local file system
49
return call_user_func_array(
50
$smarty->_plugins['resource'][$params['resource_type']][0][2],
51
array($params['resource_name'], &$smarty));
57
/* vim: set expandtab: */