1 |
joko |
1.1 |
<?php |
2 |
|
|
/** |
3 |
|
|
* Smarty plugin |
4 |
|
|
* @package Smarty |
5 |
|
|
* @subpackage plugins |
6 |
|
|
*/ |
7 |
|
|
|
8 |
|
|
/**#@+ |
9 |
|
|
* @access private |
10 |
|
|
*/ |
11 |
|
|
/** |
12 |
|
|
* determines if a resource is trusted or not |
13 |
|
|
* |
14 |
|
|
* @param string $resource_type |
15 |
|
|
* @param string $resource_name |
16 |
|
|
* @return boolean |
17 |
|
|
*/ |
18 |
|
|
|
19 |
|
|
// $resource_type, $resource_name |
20 |
|
|
|
21 |
|
|
function smarty_core_is_trusted($params, &$smarty) |
22 |
|
|
{ |
23 |
|
|
$_smarty_trusted = false; |
24 |
|
|
if ($params['resource_type'] == 'file') { |
25 |
|
|
if (!empty($smarty->trusted_dir)) { |
26 |
|
|
$_rp = realpath($params['resource_name']); |
27 |
|
|
foreach ((array)$smarty->trusted_dir as $curr_dir) { |
28 |
|
|
if (!empty($curr_dir) && is_readable ($curr_dir)) { |
29 |
|
|
$_cd = realpath($curr_dir); |
30 |
|
|
if (strncmp($_rp, $_cd, strlen($_cd)) == 0 |
31 |
|
|
&& $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) { |
32 |
|
|
$_smarty_trusted = true; |
33 |
|
|
break; |
34 |
|
|
} |
35 |
|
|
} |
36 |
|
|
} |
37 |
|
|
} |
38 |
|
|
|
39 |
|
|
} else { |
40 |
|
|
// resource is not on local file system |
41 |
|
|
$_smarty_trusted = call_user_func_array($smarty->_plugins['resource'][$params['resource_type']][0][3], |
42 |
|
|
array($params['resource_name'], $smarty)); |
43 |
|
|
} |
44 |
|
|
|
45 |
|
|
return $_smarty_trusted; |
46 |
|
|
} |
47 |
|
|
|
48 |
|
|
/* vim: set expandtab: */ |
49 |
|
|
|
50 |
|
|
?> |