maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix dangerous code

Browse Source
This commit is contained in:
Chris Vigelius
2015-06-25 13:49:55 +02:00
parent e7503c3c7a
commit 3cad16d2b7
2 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/classes/webserver/class.ConfigIO.php
View File

@@ -89,8 +89,13 @@ class ConfigIO {
// get directories // get directories
$configdirs = array(); $configdirs = array();
$configdirs[] = makeCorrectDir($this->_getFile('system', 'apacheconf_vhost')); $dir = $this->_getFile('system', 'apacheconf_vhost');
$configdirs[] = makeCorrectDir($this->_getFile('system', 'apacheconf_diroptions')); if ($dir !== false)
$configdirs[] = makeCorrectDir($dir);
$dir = $this->_getFile('system', 'apacheconf_diroptions')
if ($dir !== false)
$configdirs[] = makeCorrectDir($dir);
// file pattern // file pattern
$pattern = "/^([0-9]){2}_(froxlor|syscp)_(.+)\.conf$/"; $pattern = "/^([0-9]){2}_(froxlor|syscp)_(.+)\.conf$/";

2
lib/functions/filedir/function.makeCorrectDir.php
View File

@@ -26,6 +26,8 @@
*/ */
function makeCorrectDir($dir) { function makeCorrectDir($dir) {
assert('is_string($dir) && strlen($dir) > 0 /* $dir does not look like an actual folder name */');
$dir = trim($dir); $dir = trim($dir);
if (substr($dir, -1, 1) != '/') { if (substr($dir, -1, 1) != '/') {