mirror of
https://github.com/smarty-php/smarty.git
synced 2025-10-17 14:35:19 +02:00
abstract more private functions to plugin directory
This commit is contained in:
mohrt
@@ -21,40 +21,33 @@
|
||||
*/
|
||||
function smarty_function_fetch($params, &$smarty)
|
||||
{
|
||||
$file = $params['file'];
|
||||
|
||||
if (empty($file)) {
|
||||
if (empty($params['file'])) {
|
||||
$smarty->_trigger_fatal_error("[plugin] parameter 'file' cannot be empty");
|
||||
return;
|
||||
}
|
||||
|
||||
if ($smarty->security && !preg_match('!^(http|ftp)://!i', $file)) {
|
||||
// fetching file, make sure it comes from secure directory
|
||||
foreach ($smarty->secure_dir as $curr_dir) {
|
||||
if (substr(realpath($file), 0, strlen(realpath($curr_dir))) == realpath($curr_dir)) {
|
||||
$resource_is_secure = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!$resource_is_secure) {
|
||||
$smarty->_trigger_fatal_error("[plugin] (secure mode) fetch '$file' is not allowed");
|
||||
return;
|
||||
}
|
||||
if ($smarty->security && !preg_match('!^(http|ftp)://!i', $params['file'])) {
|
||||
$_params = array('resource_type' => 'file', 'resource_name' => $params['file']);
|
||||
if(!$smarty->_execute_core_function('is_secure', $_params)) {
|
||||
$smarty->_trigger_fatal_error('[plugin] (secure mode) fetch \'' . $params['file'] . '\' is not allowed');
|
||||
return;
|
||||
}
|
||||
|
||||
// fetch the file
|
||||
if($fp = @fopen($file,'r')) {
|
||||
if($fp = @fopen($params['file'],'r')) {
|
||||
while(!feof($fp)) {
|
||||
$content .= fgets ($fp,4096);
|
||||
}
|
||||
fclose($fp);
|
||||
} else {
|
||||
$smarty->_trigger_fatal_error("[plugin] fetch cannot read file '$file'");
|
||||
$smarty->_trigger_fatal_error('[plugin] fetch cannot read file \'' . $params['file'] . '\'');
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
// not a local file
|
||||
if(preg_match('!^http://!i',$file)) {
|
||||
if(preg_match('!^http://!i',$params['file'])) {
|
||||
// http fetch
|
||||
if($uri_parts = parse_url($file)) {
|
||||
if($uri_parts = parse_url($params['file'])) {
|
||||
// set defaults
|
||||
$host = $server_name = $uri_parts['host'];
|
||||
$timeout = 30;
|
||||
@@ -152,7 +145,7 @@ function smarty_function_fetch($params, &$smarty)
|
||||
return;
|
||||
} else {
|
||||
if($_is_proxy) {
|
||||
fputs($fp, "GET $file HTTP/1.0\r\n");
|
||||
fputs($fp, 'GET ' . $params['file'] . " HTTP/1.0\r\n");
|
||||
} else {
|
||||
fputs($fp, "GET $uri HTTP/1.0\r\n");
|
||||
}
|
||||
@@ -197,13 +190,13 @@ function smarty_function_fetch($params, &$smarty)
|
||||
}
|
||||
} else {
|
||||
// ftp fetch
|
||||
if($fp = @fopen($file,'r')) {
|
||||
if($fp = @fopen($params['file'],'r')) {
|
||||
while(!feof($fp)) {
|
||||
$content .= fgets ($fp,4096);
|
||||
}
|
||||
fclose($fp);
|
||||
} else {
|
||||
$smarty->_trigger_fatal_error("[plugin] fetch cannot read file '$file'");
|
||||
$smarty->_trigger_fatal_error('[plugin] fetch cannot read file \'' . $params['file'] .'\'');
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user