• Main Page
  • Related Pages
  • Namespaces
  • Data Structures
  • Files
  • Examples
  • File List

E:/E/GEAMP/www/openbiz/openbiz/others/Smarty/libs/internals/core.is_secure.php

00001 <?php
00016 //  $resource_type, $resource_name
00017 
00018 function smarty_core_is_secure($params, &$smarty)
00019 {
00020     if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
00021         return true;
00022     }
00023 
00024     if ($params['resource_type'] == 'file') {
00025         $_rp = realpath($params['resource_name']);
00026         if (isset($params['resource_base_path'])) {
00027             foreach ((array)$params['resource_base_path'] as $curr_dir) {
00028                 if ( ($_cd = realpath($curr_dir)) !== false &&
00029                      strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
00030                      $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
00031                     return true;
00032                 }
00033             }
00034         }
00035         if (!empty($smarty->secure_dir)) {
00036             foreach ((array)$smarty->secure_dir as $curr_dir) {
00037                 if ( ($_cd = realpath($curr_dir)) !== false) {
00038                     if( strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
00039                      $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
00040                         return true;
00041                     } elseif ($_cd == $_rp) {
00042                         return true;
00043                     }
00044                 }
00045             }
00046         }
00047     } else {
00048         // resource is not on local file system
00049         return call_user_func_array(
00050             $smarty->_plugins['resource'][$params['resource_type']][0][2],
00051             array($params['resource_name'], &$smarty));
00052     }
00053 
00054     return false;
00055 }
00056 
00057 /* vim: set expandtab: */
00058 
00059 ?>

Generated on Thu Apr 19 2012 17:01:16 for openbiz by  doxygen 1.7.2