PHP Classes

File: htdocs/class/smarty/internals/core.is_secure.php

Recommend this page to a friend!
  Classes of Michael Beck   Xoops 2.5   htdocs/class/smarty/internals/core.is_secure.php   Download  
File: htdocs/class/smarty/internals/core.is_secure.php
Role: Example script
Content type: text/plain
Description: Example script
Class: Xoops 2.5
Modular content management publication system
Author: By
Last change:
Date: 6 years ago
Size: 1,694 bytes
 

Contents

Class file image Download
<?php
/**
 * Smarty plugin
 * @package Smarty
 * @subpackage plugins
 */

/**
 * determines if a resource is secure or not.
 *
 * @param string $resource_type
 * @param string $resource_name
 * @return boolean
 */

// $resource_type, $resource_name

function smarty_core_is_secure($params, &$smarty)
{
    if (!
$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
        return
true;
    }

    if (
$params['resource_type'] == 'file') {
       
$_rp = realpath($params['resource_name']);
        if (isset(
$params['resource_base_path'])) {
            foreach ((array)
$params['resource_base_path'] as $curr_dir) {
                if ( (
$_cd = realpath($curr_dir)) !== false &&
                    
strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                    
substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
                    return
true;
                }
            }
        }
        if (!empty(
$smarty->secure_dir)) {
            foreach ((array)
$smarty->secure_dir as $curr_dir) {
                if ( (
$_cd = realpath($curr_dir)) !== false) {
                    if(
$_cd == $_rp) {
                        return
true;
                    } elseif (
strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                       
substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
                        return
true;
                    }
                }
            }
        }
    } else {
       
// resource is not on local file system
       
return call_user_func_array(
           
$smarty->_plugins['resource'][$params['resource_type']][0][2],
            array(
$params['resource_name'], &$smarty));
    }

    return
false;
}

/* vim: set expandtab: */

?>