9 * determines if a resource is secure or not.
11 * @param string $resource_type
12 * @param string $resource_name
16 // $resource_type, $resource_name
18 function smarty_core_is_secure($params, &$smarty)
20 if (!$smarty->security ||
$smarty->security_settings
['INCLUDE_ANY']) {
24 $_smarty_secure = false;
25 if ($params['resource_type'] == 'file') {
26 if (!empty($smarty->secure_dir
)) {
27 $_rp = realpath($params['resource_name']);
28 foreach ((array)$smarty->secure_dir
as $curr_dir) {
29 if ( !empty($curr_dir) && is_readable ($curr_dir)) {
30 $_cd = realpath($curr_dir);
31 if (strncmp($_rp, $_cd, strlen($_cd)) == 0
32 && $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR
) {
33 $_smarty_secure = true;
40 // resource is not on local file system
41 $_smarty_secure = call_user_func_array(
42 $smarty->_plugins
['resource'][$params['resource_type']][0][2],
43 array($params['resource_name'], &$_smarty_secure, &$smarty));
46 return $_smarty_secure;
49 /* vim: set expandtab: */
This page took 0.255587 seconds and 4 git commands to generate.