diff options
Diffstat (limited to 'include/smarty/libs/internals/core.is_secure.php')
| -rw-r--r-- | include/smarty/libs/internals/core.is_secure.php | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/include/smarty/libs/internals/core.is_secure.php b/include/smarty/libs/internals/core.is_secure.php deleted file mode 100644 index d54abd432..000000000 --- a/include/smarty/libs/internals/core.is_secure.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php -/** - * Smarty plugin - * @package Smarty - * @subpackage plugins - */ - -/** - * determines if a resource is secure or not. - * - * @param string $resource_type - * @param string $resource_name - * @return boolean - */ - -// $resource_type, $resource_name - -function smarty_core_is_secure($params, &$smarty) -{ - if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) { - return true; - } - - if ($params['resource_type'] == 'file') { - $_rp = realpath($params['resource_name']); - if (isset($params['resource_base_path'])) { - foreach ((array)$params['resource_base_path'] as $curr_dir) { - if ( ($_cd = realpath($curr_dir)) !== false && - strncmp($_rp, $_cd, strlen($_cd)) == 0 && - substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) { - return true; - } - } - } - if (!empty($smarty->secure_dir)) { - foreach ((array)$smarty->secure_dir as $curr_dir) { - if ( ($_cd = realpath($curr_dir)) !== false) { - if($_cd == $_rp) { - return true; - } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 && - substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) { - return true; - } - } - } - } - } else { - // resource is not on local file system - return call_user_func_array( - $smarty->_plugins['resource'][$params['resource_type']][0][2], - array($params['resource_name'], &$smarty)); - } - - return false; -} - -/* vim: set expandtab: */ - -?> |