MyOOS [Shopsystem] is Free Software released under the GNU/GPL License.
Webmaster: info@r23.de (Impressum)
00001 <?php 00016 // $resource_type, $resource_name 00017 00018 function smarty_core_is_secure($params, &$smarty) 00019 { 00020 if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) { 00021 return true; 00022 } 00023 00024 if ($params['resource_type'] == 'file') { 00025 $_rp = realpath($params['resource_name']); 00026 if (isset($params['resource_base_path'])) { 00027 foreach ((array)$params['resource_base_path'] as $curr_dir) { 00028 if ( ($_cd = realpath($curr_dir)) !== false && 00029 strncmp($_rp, $_cd, strlen($_cd)) == 0 && 00030 substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) { 00031 return true; 00032 } 00033 } 00034 } 00035 if (!empty($smarty->secure_dir)) { 00036 foreach ((array)$smarty->secure_dir as $curr_dir) { 00037 if ( ($_cd = realpath($curr_dir)) !== false) { 00038 if($_cd == $_rp) { 00039 return true; 00040 } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 && 00041 substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) { 00042 return true; 00043 } 00044 } 00045 } 00046 } 00047 } else { 00048 // resource is not on local file system 00049 return call_user_func_array( 00050 $smarty->_plugins['resource'][$params['resource_type']][0][2], 00051 array($params['resource_name'], &$smarty)); 00052 } 00053 00054 return false; 00055 } 00056 00057 /* vim: set expandtab: */ 00058 00059 ?>
| Copyright © 2003 - 2009 MyOOS [Shopsystem]. All rights reserved. MyOOS [Shopsystem] is Free Software released under the GNU/GPL License. Webmaster: info@r23.de (Impressum) |
|