maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

RealPath nicht DomainPath

Browse Source
This commit is contained in:
Andreas Grundler
2013-10-21 17:36:44 +02:00
parent 3c76594abb
commit d0315b7ed3
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/classes/aps/class.ApsInstaller.php
View File

@@ -269,12 +269,10 @@ class ApsInstaller extends ApsParser
$this->db->query('DELETE FROM `' . TABLE_APS_INSTANCES . '` WHERE `ID` = ' . $this->db->escape($Row['InstanceID'])); $this->db->query('DELETE FROM `' . TABLE_APS_INSTANCES . '` WHERE `ID` = ' . $this->db->escape($Row['InstanceID']));
$this->db->query('DELETE FROM `' . TABLE_APS_SETTINGS . '` WHERE `InstanceID` = ' . $this->db->escape($Row['InstanceID'])); $this->db->query('DELETE FROM `' . TABLE_APS_SETTINGS . '` WHERE `InstanceID` = ' . $this->db->escape($Row['InstanceID']));
if($this->DomainPath != '' && checkDisallowedPaths($this->DomainPath)) if($this->RealPath != '' && checkDisallowedPaths($this->RealPath))
{ {
$documentroot = getCustomerDetail($Row['CustomerID'],'documentroot');
//remove data, #273 //remove data, #273
if($this->DomainPath != $documentroot) { if($this->DomainPath != '' && $this->DomainPath != '/') {
self::UnlinkRecursive($this->RealPath . $this->DomainPath . '/'); self::UnlinkRecursive($this->RealPath . $this->DomainPath . '/');
} else { } else {
// save awstats/webalizer folder if it's the docroot // save awstats/webalizer folder if it's the docroot
@@ -341,7 +339,7 @@ class ApsInstaller extends ApsParser
$mapping_url = $Xml->mapping['url']; $mapping_url = $Xml->mapping['url'];
} }
if (($this->DomainPath == '') || ($this->DomainPath == '/')) if ($this->RealPath == '' || !checkDisallowedPaths($this->RealPath))
{ {
$this->db->query('UPDATE `' . TABLE_APS_INSTANCES . '` SET `Status` = ' . INSTANCE_ERROR . ' WHERE `ID` = ' . $this->db->escape($Row['InstanceID'])); $this->db->query('UPDATE `' . TABLE_APS_INSTANCES . '` SET `Status` = ' . INSTANCE_ERROR . ' WHERE `ID` = ' . $this->db->escape($Row['InstanceID']));
return false; return false;