smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-03 18:04:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

added secure_dir array for multiple secure directories

Browse Source
This commit is contained in:
mohrt
2001-06-13 20:26:03 +00:00
parent 098630af9d
commit 7ea781c510
3 changed files with 37 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Smarty.addons.php
View File

@@ -484,9 +484,18 @@ function smarty_func_fetch($args,&$smarty_obj) {
return;
}
if($smarty_obj->security && !preg_match("/^(http|ftp):\/\//",$file)) {
trigger_error("(secure mode) file must start with http:// or ftp://");
// make sure fetched file comes from secure directory
foreach($smarty_obj->secure_dir as $curr_dir) {
if(substr(realpath($file),0,strlen(realpath($curr_dir))) == realpath($curr_dir)) {
$resource_is_secure = true;
break;
}
}
if(!$resource_is_secure) {
trigger_error("(secure mode) fetching '$file' is not allowed");
return;
}
}
readfile($file);
}

13
Smarty.class.php
View File

@@ -101,6 +101,7 @@ class Smarty
var $security = false; // enable template security (default false)
var $secure_dir = array("./templates"); // array of directories considered secure
var $security_settings = array(
"ALLOW_PHP_HANDLING" => false,
"ALLOW_IF_FUNCS" => array('count','is_array'),
@@ -652,9 +653,16 @@ class Smarty
// relative pathname to $template_dir
$resource_name = $this->template_dir.'/'.$resource_name;
}
// if security is on, make sure template comes from $template_dir
// if security is on, make sure template comes from a $secure_dir
if($this->security && !$this->security_settings["ALLOW_INCLUDE_ANY"]) {
if(substr(realpath($resource_name),0,strlen(realpath($this->template_dir))) != realpath($this->template_dir)) {
$resource_is_secure = false;
foreach($this->secure_dir as $curr_dir) {
if(substr(realpath($resource_name),0,strlen(realpath($curr_dir))) == realpath($curr_dir)) {
$resource_is_secure = true;
break;
}
}
if(!$resource_is_secure) {
$this->_trigger_error_msg("(secure mode) including \"$resource_name\" is not allowed");
return false;
}
@@ -714,6 +722,7 @@ class Smarty
$smarty_compiler->prefilter_funcs = $this->prefilter_funcs;
$smarty_compiler->compiler_funcs = $this->compiler_funcs;
$smarty_compiler->security = $this->security;
$smarty_compiler->secure_dir = $this->secure_dir;
$smarty_compiler->security_settings = $this->security_settings;
if ($smarty_compiler->_compile_file($tpl_file, $template_source, $template_compiled))

13
libs/Smarty.class.php
View File

@@ -101,6 +101,7 @@ class Smarty
var $security = false; // enable template security (default false)
var $secure_dir = array("./templates"); // array of directories considered secure
var $security_settings = array(
"ALLOW_PHP_HANDLING" => false,
"ALLOW_IF_FUNCS" => array('count','is_array'),
@@ -652,9 +653,16 @@ class Smarty
// relative pathname to $template_dir
$resource_name = $this->template_dir.'/'.$resource_name;
}
// if security is on, make sure template comes from $template_dir
// if security is on, make sure template comes from a $secure_dir
if($this->security && !$this->security_settings["ALLOW_INCLUDE_ANY"]) {
if(substr(realpath($resource_name),0,strlen(realpath($this->template_dir))) != realpath($this->template_dir)) {
$resource_is_secure = false;
foreach($this->secure_dir as $curr_dir) {
if(substr(realpath($resource_name),0,strlen(realpath($curr_dir))) == realpath($curr_dir)) {
$resource_is_secure = true;
break;
}
}
if(!$resource_is_secure) {
$this->_trigger_error_msg("(secure mode) including \"$resource_name\" is not allowed");
return false;
}
@@ -714,6 +722,7 @@ class Smarty
$smarty_compiler->prefilter_funcs = $this->prefilter_funcs;
$smarty_compiler->compiler_funcs = $this->compiler_funcs;
$smarty_compiler->security = $this->security;
$smarty_compiler->secure_dir = $this->secure_dir;
$smarty_compiler->security_settings = $this->security_settings;
if ($smarty_compiler->_compile_file($tpl_file, $template_source, $template_compiled))