Merge pull request #103 from Aldarone/89-double-dot-in-dir-name

Allow « .. » in directory names.
This commit is contained in:
Tom.C. 2015-07-24 13:59:50 +02:00
commit 43369d1f32


@ -146,16 +146,15 @@ if (!empty($_GET['dir'])) {
$requestedDir = $_GET['dir']; $requestedDir = $_GET['dir'];
} }
$photoRoot = GALLERY_ROOT . 'photos/';
$thumbdir = rtrim('photos/' . $requestedDir, '/'); $thumbdir = rtrim('photos/' . $requestedDir, '/');
//$thumbdir = str_replace('/..', '', $thumbdir); // Prevent directory traversal attacks.
if (strstr($thumbdir, '..') !== false) {
$requestedDir = '';
$thumbdir = rtrim('photos/', '/');
}
$currentdir = GALLERY_ROOT . $thumbdir; $currentdir = GALLERY_ROOT . $thumbdir;
$thumbdirIsInPhotoRoot = strpos(realpath($thumbdir), realpath($photoRoot));
if ($thumbdirIsInPhotoRoot === false) {
die("ERROR: Could not open " . htmlspecialchars(stripslashes($currentdir)) . " for reading!");
}
//----------------------- //-----------------------
// READ FILES AND FOLDERS // READ FILES AND FOLDERS
//----------------------- //-----------------------
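Review bot: The containment test `strpos(realpath($thumbdir), realpath($photoRoot))` only rejects the case where the root path does not occur at all in the resolved path; any offset passes, and since realpath() strips the trailing slash, a sibling directory whose name merely begins with `photos` (constructed example: `photos-private`) would also pass as a "prefix" match. realpath() is also applied to the relative `$thumbdir` rather than to `$currentdir`, so the resolution depends on the process working directory instead of GALLERY_ROOT, and a false return from either realpath() call is not handled explicitly. A tighter form is `$realDir = realpath($currentdir); $realRoot = realpath($photoRoot);` followed by `if ($realDir === false || $realRoot === false || strpos($realDir . '/', $realRoot . '/') !== 0) {`, which requires the resolved directory to equal the root or sit below it. The die() message reflects the absolute server path back to the client, disclosing the install location; a fixed message without the path would be preferable. Whether GALLERY_ROOT ends with a separator and how `$currentdir`/`$thumbdir` are used afterwards is outside this hunk.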