smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-08-07 03:44:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix notice in debug security check

Browse Source
This commit is contained in:
mohrt
2005-08-17 15:27:40 +00:00
parent 219ec26706
commit c7d1cc8727
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@@ -1,3 +1,4 @@
- fix notice in debug security check (Drakla, monte)
- return valid reference in get_template_vars() when given var is - return valid reference in get_template_vars() when given var is
non-existant (monte) non-existant (monte)
- add escape type "urlpathinfo" to escape modifier (monte) - add escape type "urlpathinfo" to escape modifier (monte)

6
libs/internals/core.is_secure.php
View File

@@ -35,10 +35,10 @@ function smarty_core_is_secure($params, &$smarty)
if (!empty($smarty->secure_dir)) { if (!empty($smarty->secure_dir)) {
foreach ((array)$smarty->secure_dir as $curr_dir) { foreach ((array)$smarty->secure_dir as $curr_dir) {
if ( ($_cd = realpath($curr_dir)) !== false) { if ( ($_cd = realpath($curr_dir)) !== false) {
if( strncmp($_rp, $_cd, strlen($_cd)) == 0 && if($_cd == $_rp) {
$_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
return true; return true;
} elseif ($_cd == $_rp) { } elseif (strncmp($_rp, $_cd, strlen($_cd)) == 0 &&
$_rp{strlen($_cd)} == DIRECTORY_SEPARATOR) {
return true; return true;
} }
} }