XDCCParser-Global/smarty/libs/internals/core.is_secure.php

<?php
/**
 * Smarty plugin
 * @package Smarty
 * @subpackage plugins
 */

/**
 * determines if a resource is secure or not.
 *
 * @param string $resource_type
 * @param string $resource_name
 * @return boolean
 */

//  $resource_type, $resource_name

function smarty_core_is_secure($params, &$smarty)
{
    if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
        return true;
    }

    if ($params['resource_type'] == 'file') {
        $_rp = realpath($params['resource_name']);
        if (isset($params['resource_base_path'])) {
            foreach ((array)$params['resource_base_path'] as $curr_dir) {
                if ( ($_cd = realpath($curr_dir)) !== false &&
                     strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                     substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
                    return true;
                }
            }
        }
        if (!empty($smarty->secure_dir)) {
            foreach ((array)$smarty->secure_dir as $curr_dir) {
                if ( ($_cd = realpath($curr_dir)) !== false) {
                    if($_cd == $_rp) {
                        return true;
                    } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                        substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
                        return true;
                    }
                }
            }
        }
    } else {
        // resource is not on local file system
        return call_user_func_array(
            $smarty->_plugins['resource'][$params['resource_type']][0][2],
            array($params['resource_name'], &$smarty));
    }

    return false;
}

/* vim: set expandtab: */

?>
Initial commit 2013-08-06 08:08:35 -07:00			`<?php`
			`/**`
			`* Smarty plugin`
			`* @package Smarty`
			`* @subpackage plugins`
			`*/`

			`/**`
			`* determines if a resource is secure or not.`
			`*`
			`* @param string $resource_type`
			`* @param string $resource_name`
			`* @return boolean`
			`*/`

			`// $resource_type, $resource_name`

			`function smarty_core_is_secure($params, &$smarty)`
			`{`
			`if (!$smarty->security \|\| $smarty->security_settings['INCLUDE_ANY']) {`
			`return true;`
			`}`

			`if ($params['resource_type'] == 'file') {`
			`$_rp = realpath($params['resource_name']);`
			`if (isset($params['resource_base_path'])) {`
			`foreach ((array)$params['resource_base_path'] as $curr_dir) {`
			`if ( ($_cd = realpath($curr_dir)) !== false &&`
			`strncmp($_rp, $_cd, strlen($_cd)) == 0 &&`
			`substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {`
			`return true;`
			`}`
			`}`
			`}`
			`if (!empty($smarty->secure_dir)) {`
			`foreach ((array)$smarty->secure_dir as $curr_dir) {`
			`if ( ($_cd = realpath($curr_dir)) !== false) {`
			`if($_cd == $_rp) {`
			`return true;`
			`} elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&`
			`substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {`
			`return true;`
			`}`
			`}`
			`}`
			`}`
			`} else {`
			`// resource is not on local file system`
			`return call_user_func_array(`
			`$smarty->_plugins['resource'][$params['resource_type']][0][2],`
			`array($params['resource_name'], &$smarty));`
			`}`

			`return false;`
			`}`

			`/* vim: set expandtab: */`

			`?>`