| [ Index ] |
|
Code source de CMS made simple 1.0.5 |
1 <?php 2 /** 3 * Smarty plugin 4 * @package Smarty 5 * @subpackage plugins 6 */ 7 8 /** 9 * determines if a resource is secure or not. 10 * 11 * @param string $resource_type 12 * @param string $resource_name 13 * @return boolean 14 */ 15 16 // $resource_type, $resource_name 17 18 function smarty_core_is_secure($params, &$smarty) 19 { 20 if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) { 21 return true; 22 } 23 24 if ($params['resource_type'] == 'file') { 25 $_rp = realpath($params['resource_name']); 26 if (isset($params['resource_base_path'])) { 27 foreach ((array)$params['resource_base_path'] as $curr_dir) { 28 if ( ($_cd = realpath($curr_dir)) !== false && 29 strncmp($_rp, $_cd, strlen($_cd)) == 0 && 30 substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) { 31 return true; 32 } 33 } 34 } 35 if (!empty($smarty->secure_dir)) { 36 foreach ((array)$smarty->secure_dir as $curr_dir) { 37 if ( ($_cd = realpath($curr_dir)) !== false) { 38 if($_cd == $_rp) { 39 return true; 40 } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 && 41 substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) { 42 return true; 43 } 44 } 45 } 46 } 47 } else { 48 // resource is not on local file system 49 return call_user_func_array( 50 $smarty->_plugins['resource'][$params['resource_type']][0][2], 51 array($params['resource_name'], &$smarty)); 52 } 53 54 return false; 55 } 56 57 /* vim: set expandtab: */ 58 59 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Tue Apr 3 18:50:37 2007 | par Balluche grâce à PHPXref 0.7 |