[Sommaire] [Imprimer]

   1  <?php
   2  /**
   3   * Smarty plugin
   4   * @package Smarty
   5   * @subpackage plugins
   6   */
   7  
   8  /**
   9   * determines if a resource is secure or not.
  10   *
  11   * @param string $resource_type
  12   * @param string $resource_name
  13   * @return boolean
  14   */
  15  
  16  //  $resource_type, $resource_name
  17  
  18  function smarty_core_is_secure($params, &$smarty)
  19  {
  20      if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
  21          return true;
  22      }
  23  
  24      if ($params['resource_type'] == 'file') {
  25          $_rp = realpath($params['resource_name']);
  26          if (isset($params['resource_base_path'])) {
  27              foreach ((array)$params['resource_base_path'] as $curr_dir) {
  28                  if ( ($_cd = realpath($curr_dir)) !== false &&
  29                       strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
  30                       $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
  31                      return true;
  32                  }
  33              }
  34          }
  35          if (!empty($smarty->secure_dir)) {
  36              foreach ((array)$smarty->secure_dir as $curr_dir) {
  37                  if ( ($_cd = realpath($curr_dir)) !== false &&
  38                       strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
  39                       $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
  40                      return true;
  41                  }            
  42              }
  43          }
  44      } else {
  45          // resource is not on local file system
  46          return call_user_func_array(
  47              $smarty->_plugins['resource'][$params['resource_type']][0][2],
  48              array($params['resource_name'], &$smarty));
  49      }
  50  
  51      return false;
  52  }
  53  
  54  /* vim: set expandtab: */
  55  
  56  ?>