+++ /dev/null
-<?php\r
-/**\r
- * Smarty plugin\r
- * @package Smarty\r
- * @subpackage plugins\r
- */\r
-\r
-/**\r
- * determines if a resource is secure or not.\r
- *\r
- * @param string $resource_type\r
- * @param string $resource_name\r
- * @return boolean\r
- */\r
-\r
-// $resource_type, $resource_name\r
-\r
-function smarty_core_is_secure($params, &$smarty)\r
-{\r
- static $check_template_dir = true;\r
-\r
- if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {\r
- return true;\r
- }\r
-\r
- $_smarty_secure = false;\r
- if ($params['resource_type'] == 'file') {\r
- if($check_template_dir) {\r
- if (!in_array($smarty->template_dir, $smarty->secure_dir))\r
- // add template_dir to secure_dir array\r
- array_unshift($smarty->secure_dir, $smarty->template_dir);\r
- $check_template_dir = false;\r
- }\r
- if (!empty($smarty->secure_dir)) {\r
- $_rp = realpath($params['resource_name']);\r
- foreach ((array)$smarty->secure_dir as $curr_dir) {\r
- if ( !empty($curr_dir) && is_readable ($curr_dir)) {\r
- $_cd = realpath($curr_dir);\r
- if (strncmp($_rp, $_cd, strlen($_cd)) == 0\r
- && $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {\r
- $_smarty_secure = true;\r
- break;\r
- }\r
- }\r
- }\r
- }\r
- } else {\r
- // resource is not on local file system\r
- $_smarty_secure = call_user_func_array(\r
- $smarty->_plugins['resource'][$params['resource_type']][0][2],\r
- array($params['resource_name'], &$_smarty_secure, &$smarty));\r
- }\r
-\r
- return $_smarty_secure;\r
-}\r
-\r
-/* vim: set expandtab: */\r
-\r
-?>\r