Example #1
0
 private function __file_get_contents($args)
 {
     if (!isset($args['$file'])) {
         return '';
     }
     $fs = X::model('filesystem');
     $domain = substr($this->url, 0, strpos($this->url, '/'));
     $domain_path = $fs->path($domain);
     $path = $fs->path(dirname($this->url));
     $file = realpath($path['absolute'] . '/' . ltrim($args['$file'], '/'));
     $return = '';
     //TODO: remove realpath checks
     if ($file && strpos($file, realpath($domain_path['absolute'])) === 0) {
         $return = file_get_contents($file);
         if (isset($args['$html_safe']) && $args['$html_safe']) {
             $return = htmlspecialchars($return);
         }
         if (isset($args['$nl2br']) && $args['$nl2br']) {
             $return = nl2br($return);
         }
         if (isset($args['$space2nbsp'])) {
             $return = str_replace('  ', '  ', $return);
         }
     }
     return $return;
 }