/usr/share/php/smarty/internals/core.is_trusted.php is in smarty 2.6.26-0.2ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | <?php
/**
* Smarty plugin
* @package Smarty
* @subpackage plugins
*/
/**
* determines if a resource is trusted or not
*
* @param string $resource_type
* @param string $resource_name
* @return boolean
*/
// $resource_type, $resource_name
function smarty_core_is_trusted($params, &$smarty)
{
$_smarty_trusted = false;
if ($params['resource_type'] == 'file') {
if (!empty($smarty->trusted_dir)) {
$_rp = realpath($params['resource_name']);
foreach ((array)$smarty->trusted_dir as $curr_dir) {
if (!empty($curr_dir) && is_readable ($curr_dir)) {
$_cd = realpath($curr_dir);
if (strncmp($_rp, $_cd, strlen($_cd)) == 0
&& substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR ) {
$_smarty_trusted = true;
break;
}
}
}
}
} else {
// resource is not on local file system
$_smarty_trusted = call_user_func_array($smarty->_plugins['resource'][$params['resource_type']][0][3],
array($params['resource_name'], $smarty));
}
return $_smarty_trusted;
}
/* vim: set expandtab: */
?>
|