← Back to branch summary

~ubuntu-branches/ubuntu/edgy/smarty/edgy-security

« back to all changes in this revision

Viewing changes to libs/internals/core.is_trusted.php

  • Committer: Bazaar Package Importer
  • Author(s): Dimitri Fontaine
  • Date: 2005-03-29 11:53:20 UTC
  • mfrom: (0.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20050329115320-g3rvndgnn75ogm35
Tags: 2.6.8-1
New upstream release

Show diffs side-by-side

added added

removed removed

Lines of Context:
libs/internals/core.is_trusted.php
 
1
<?php
 
2
/**
 
3
 * Smarty plugin
 
4
 * @package Smarty
 
5
 * @subpackage plugins
 
6
 */
 
7
 
 
8
/**
 
9
 * determines if a resource is trusted or not
 
10
 *
 
11
 * @param string $resource_type
 
12
 * @param string $resource_name
 
13
 * @return boolean
 
14
 */
 
15
 
 
16
 // $resource_type, $resource_name
 
17
 
 
18
function smarty_core_is_trusted($params, &$smarty)
 
19
{
 
20
    $_smarty_trusted = false;
 
21
    if ($params['resource_type'] == 'file') {
 
22
        if (!empty($smarty->trusted_dir)) {
 
23
            $_rp = realpath($params['resource_name']);
 
24
            foreach ((array)$smarty->trusted_dir as $curr_dir) {
 
25
                if (!empty($curr_dir) && is_readable ($curr_dir)) {
 
26
                    $_cd = realpath($curr_dir);
 
27
                    if (strncmp($_rp, $_cd, strlen($_cd)) == 0
 
28
                        && $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
 
29
                        $_smarty_trusted = true;
 
30
                        break;
 
31
                    }
 
32
                }
 
33
            }
 
34
        }
 
35
 
 
36
    } else {
 
37
        // resource is not on local file system
 
38
        $_smarty_trusted = call_user_func_array($smarty->_plugins['resource'][$params['resource_type']][0][3],
 
39
                                                array($params['resource_name'], $smarty));
 
40
    }
 
41
 
 
42
    return $_smarty_trusted;
 
43
}
 
44
 
 
45
/* vim: set expandtab: */
 
46
 
 
47
?>