Code Search for Developers
 
 		 
  

core.is_secure.php from guliverkli at Krugle


Show core.is_secure.php syntax highlighted 

<?php
/**
 * Smarty plugin
 * @package Smarty
 * @subpackage plugins
 */

/**
 * determines if a resource is secure or not.
 *
 * @param string $resource_type
 * @param string $resource_name
 * @return boolean
 */

//  $resource_type, $resource_name

function smarty_core_is_secure($params, &$smarty)
{
    if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
        return true;
    }

    if ($params['resource_type'] == 'file') {
        $_rp = realpath($params['resource_name']);
        if (isset($params['resource_base_path'])) {
            foreach ((array)$params['resource_base_path'] as $curr_dir) {
                if ( ($_cd = realpath($curr_dir)) !== false &&
                     strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                     $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
                    return true;
                }
            }
        }
        if (!empty($smarty->secure_dir)) {
            foreach ((array)$smarty->secure_dir as $curr_dir) {
                if ( ($_cd = realpath($curr_dir)) !== false &&
                     strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
                     $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
                    return true;
                }            
            }
        }
    } else {
        // resource is not on local file system
        return call_user_func_array(
            $smarty->_plugins['resource'][$params['resource_type']][0][2],
            array($params['resource_name'], &$smarty));
    }

    return false;
}

/* vim: set expandtab: */

?>


See more files for this project here

guliverkli

Home of VobSub, Media Player Classic (MPC) and other misc utils.

Project homepage: http://sourceforge.net/projects/guliverkli
Programming language(s): C,C++,PHP
License: other

  core.assemble_plugin_filepath.php
  core.assign_smarty_interface.php
  core.create_dir_structure.php
  core.display_debug_console.php
  core.get_include_path.php
  core.get_microtime.php
  core.get_php_resource.php
  core.is_secure.php
  core.is_trusted.php
  core.load_plugins.php
  core.load_resource_plugin.php
  core.process_cached_inserts.php
  core.process_compiled_include.php
  core.read_cache_file.php
  core.rm_auto.php
  core.rmdir.php
  core.run_insert_handler.php
  core.smarty_include_php.php
  core.write_cache_file.php
  core.write_compiled_include.php
  core.write_compiled_resource.php
  core.write_file.php