← Back to branch summary

~titan-phpdevshell/phpdevshell/main

« back to all changes in this revision

Viewing changes to includes/legacy/smarty/internals/core.is_secure.php

  • Committer: Jason Schoeman
  • Date: 2011-12-06 14:03:32 UTC
  • Revision ID: titan@phpdevshell.org-20111206140332-4ej6qy4b36d3q96s
Crud Added
ORM Added
Control Panel optimized

Show diffs side-by-side

added added

removed removed

Lines of Context:
includes/legacy/smarty/internals/core.is_secure.php
1
 
<?php
2
 
/**
3
 
 * Smarty plugin
4
 
 * @package Smarty
5
 
 * @subpackage plugins
6
 
 */
7
 
 
8
 
/**
9
 
 * determines if a resource is secure or not.
10
 
 *
11
 
 * @param string $resource_type
12
 
 * @param string $resource_name
13
 
 * @return boolean
14
 
 */
15
 
 
16
 
//  $resource_type, $resource_name
17
 
 
18
 
function smarty_core_is_secure($params, &$smarty)
19
 
{
20
 
    if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
21
 
        return true;
22
 
    }
23
 
 
24
 
    if ($params['resource_type'] == 'file') {
25
 
        $_rp = realpath($params['resource_name']);
26
 
        if (isset($params['resource_base_path'])) {
27
 
            foreach ((array)$params['resource_base_path'] as $curr_dir) {
28
 
                if ( ($_cd = realpath($curr_dir)) !== false &&
29
 
                     strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
30
 
                     substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
31
 
                    return true;
32
 
                }
33
 
            }
34
 
        }
35
 
        if (!empty($smarty->secure_dir)) {
36
 
            foreach ((array)$smarty->secure_dir as $curr_dir) {
37
 
                if ( ($_cd = realpath($curr_dir)) !== false) {
38
 
                    if($_cd == $_rp) {
39
 
                        return true;
40
 
                    } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
41
 
                        substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
42
 
                        return true;
43
 
                    }
44
 
                }
45
 
            }
46
 
        }
47
 
    } else {
48
 
        // resource is not on local file system
49
 
        return call_user_func_array(
50
 
            $smarty->_plugins['resource'][$params['resource_type']][0][2],
51
 
            array($params['resource_name'], &$smarty));
52
 
    }
53
 
 
54
 
    return false;
55
 
}
56
 
 
57
 
/* vim: set expandtab: */
58
 
 
59
 
?>