require 'erb'

module Capcode
  module Helpers
    @@__ERB_PATH__ = "."
    def self.erb_path=( p )
      @@__ERB_PATH__ = p
    end
    
    def render_erb( f ) #:nodoc:
      f = f.to_s
      if f.include? '..'
        return [403, {}, '403 - Invalid path']
      end
      
      if /Windows/.match( ENV['OS'] )
        unless( /.:\\/.match( @@__ERB_PATH__[0] ) )
          @@__ERB_PATH__ = File.expand_path( File.join(@@__ROOT_DIRECTORY, @@__ERB_PATH__) )
        end
      else
        unless( @@__ERB_PATH__[0].chr == "/" )
          @@__ERB_PATH__ = File.expand_path( File.join(@@__ROOT_DIRECTORY, @@__ERB_PATH__) )
        end
      end
      
      f = f + ".rhtml" if File.extname( f ) != ".rhtml"
      file = File.join( @@__ERB_PATH__, f )
      ERB.new(open(file).read).result(binding)
    end
  end
end