Greyhound: smarty/internals/core.is_secure.php@487a16c7117c (annotated)

0 c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	1	<?php
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	2	/**
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	3	* Smarty plugin
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	4	* @package Smarty
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	5	* @subpackage plugins
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	6	*/
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	7
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	8	/**
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	9	* determines if a resource is secure or not.
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	10	*
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	11	* @param string $resource_type
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	12	* @param string $resource_name
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	13	* @return boolean
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	14	*/
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	15
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	16	// $resource_type, $resource_name
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	17
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	18	function smarty_core_is_secure($params, &$smarty)
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	19	{
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	20	if (!$smarty->security \|\| $smarty->security_settings['INCLUDE_ANY']) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	21	return true;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	22	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	23
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	24	if ($params['resource_type'] == 'file') {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	25	$_rp = realpath($params['resource_name']);
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	26	if (isset($params['resource_base_path'])) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	27	foreach ((array)$params['resource_base_path'] as $curr_dir) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	28	if ( ($_cd = realpath($curr_dir)) !== false &&
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	29	strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	30	substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	31	return true;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	32	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	33	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	34	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	35	if (!empty($smarty->secure_dir)) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	36	foreach ((array)$smarty->secure_dir as $curr_dir) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	37	if ( ($_cd = realpath($curr_dir)) !== false) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	38	if($_cd == $_rp) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	39	return true;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	40	} elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	41	substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	42	return true;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	43	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	44	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	45	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	46	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	47	} else {
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	48	// resource is not on local file system
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	49	return call_user_func_array(
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	50	$smarty->_plugins['resource'][$params['resource_type']][0][2],
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	51	array($params['resource_name'], &$smarty));
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	52	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	53
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	54	return false;
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	55	}
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	56
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	57	/* vim: set expandtab: */
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	58
c63de9eb7045 First commit. Basic things are working and implemented (webserver, templating, DCOP interface) Dan parents: diff changeset	59	?>

author	Dan
	Fri, 12 Jun 2009 13:48:22 -0400
changeset 76	487a16c7117c
parent 0	c63de9eb7045
permissions	-rw-r--r--