PageRenderTime 27ms CodeModel.GetById 19ms app.highlight 4ms RepoModel.GetById 1ms app.codeStats 1ms

/framework/vendor/smarty2/lib/internals/core.is_secure.php

http://zoop.googlecode.com/
PHP | 59 lines | 37 code | 7 blank | 15 comment | 15 complexity | 7ea83dd65e64bc0bc893d44096ec61e0 MD5 | raw file
 1<?php
 2/**
 3 * Smarty plugin
 4 * @package Smarty
 5 * @subpackage plugins
 6 */
 7
 8/**
 9 * determines if a resource is secure or not.
10 *
11 * @param string $resource_type
12 * @param string $resource_name
13 * @return boolean
14 */
15
16//  $resource_type, $resource_name
17
18function smarty_core_is_secure($params, &$smarty)
19{
20    if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
21        return true;
22    }
23
24    if ($params['resource_type'] == 'file') {
25        $_rp = realpath($params['resource_name']);
26        if (isset($params['resource_base_path'])) {
27            foreach ((array)$params['resource_base_path'] as $curr_dir) {
28                if ( ($_cd = realpath($curr_dir)) !== false &&
29                     strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
30                     substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
31                    return true;
32                }
33            }
34        }
35        if (!empty($smarty->secure_dir)) {
36            foreach ((array)$smarty->secure_dir as $curr_dir) {
37                if ( ($_cd = realpath($curr_dir)) !== false) {
38                    if($_cd == $_rp) {
39                        return true;
40                    } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
41                        substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
42                        return true;
43                    }
44                }
45            }
46        }
47    } else {
48        // resource is not on local file system
49        return call_user_func_array(
50            $smarty->_plugins['resource'][$params['resource_type']][0][2],
51            array($params['resource_name'], &$smarty));
52    }
53
54    return false;
55}
56
57/* vim: set expandtab: */
58
59?>