| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Smarty plugin 4 * @package Smarty 5 * @subpackage plugins 6 */ 7 8 /** 9 * determines if a resource is secure or not. 10 * 11 * @param string $resource_type 12 * @param string $resource_name 13 * @return boolean 14 */ 15 16 // $resource_type, $resource_name 17 18 function smarty_core_is_secure($params, &$smarty) 19 { 20 static $check_template_dir = true; 21 22 if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) { 23 return true; 24 } 25 26 $_smarty_secure = false; 27 if ($params['resource_type'] == 'file') { 28 if($check_template_dir) { 29 if (!in_array($smarty->template_dir, $smarty->secure_dir)) 30 // add template_dir to secure_dir array 31 array_unshift($smarty->secure_dir, $smarty->template_dir); 32 $check_template_dir = false; 33 } 34 if (!empty($smarty->secure_dir)) { 35 $_rp = realpath($params['resource_name']); 36 foreach ((array)$smarty->secure_dir as $curr_dir) { 37 if ( !empty($curr_dir) && is_readable ($curr_dir)) { 38 $_cd = realpath($curr_dir); 39 if (strncmp($_rp, $_cd, strlen($_cd)) == 0 40 && $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) { 41 $_smarty_secure = true; 42 break; 43 } 44 } 45 } 46 } 47 } else { 48 // resource is not on local file system 49 $_smarty_secure = call_user_func_array( 50 $smarty->_plugins['resource'][$params['resource_type']][0][2], 51 array($params['resource_name'], &$_smarty_secure, &$smarty)); 52 } 53 54 return $_smarty_secure; 55 } 56 57 /* vim: set expandtab: */ 58 59 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |