MDL-10870 A few more fixes to the file.php page's navigation
[moodle-pu.git] / lib / smarty / core / core.is_secure.php
blob877886b88517cd1dda8929341f27103ffa324a5e
1 <?php
2 /**
3 * Smarty plugin
4 * @package Smarty
5 * @subpackage plugins
6 */
8 /**
9 * determines if a resource is secure or not.
11 * @param string $resource_type
12 * @param string $resource_name
13 * @return boolean
16 // $resource_type, $resource_name
18 function smarty_core_is_secure($params, &$smarty)
20 static $check_template_dir = true;
22 if (!$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
23 return true;
26 $_smarty_secure = false;
27 if ($params['resource_type'] == 'file') {
28 if($check_template_dir) {
29 if (!in_array($smarty->template_dir, $smarty->secure_dir))
30 // add template_dir to secure_dir array
31 array_unshift($smarty->secure_dir, $smarty->template_dir);
32 $check_template_dir = false;
34 if (!empty($smarty->secure_dir)) {
35 $_rp = realpath($params['resource_name']);
36 foreach ((array)$smarty->secure_dir as $curr_dir) {
37 if ( !empty($curr_dir) && is_readable ($curr_dir)) {
38 $_cd = realpath($curr_dir);
39 if (strncmp($_rp, $_cd, strlen($_cd)) == 0
40 && $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
41 $_smarty_secure = true;
42 break;
47 } else {
48 // resource is not on local file system
49 $_smarty_secure = call_user_func_array(
50 $smarty->_plugins['resource'][$params['resource_type']][0][2],
51 array($params['resource_name'], &$_smarty_secure, &$smarty));
54 return $_smarty_secure;
57 /* vim: set expandtab: */