Merge pull request #975 from virtualtam/robustness

Improve robustness for zlib and file operations
This commit is contained in:
VirtualTam 2017-09-30 10:56:56 +02:00 committed by GitHub
commit 7c670b39a2
3 changed files with 20 additions and 12 deletions

View file

@ -168,14 +168,15 @@ class ApplicationUtils
public static function checkResourcePermissions($conf)
{
$errors = array();
$rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
// Check script and template directories are readable
foreach (array(
'application',
'inc',
'plugins',
$conf->get('resource.raintpl_tpl'),
$conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'),
$rainTplDir,
$rainTplDir.'/'.$conf->get('resource.theme'),
) as $path) {
if (! is_readable(realpath($path))) {
$errors[] = '"'.$path.'" directory is not readable';

View file

@ -50,7 +50,8 @@ class FileUtils
/**
* Read data from a file containing Shaarli database format content.
* If the file isn't readable or doesn't exists, default data will be returned.
*
* If the file isn't readable or doesn't exist, default data will be returned.
*
* @param string $file File path.
* @param mixed $default The default value to return if the file isn't readable.
@ -61,16 +62,21 @@ class FileUtils
{
// Note that gzinflate is faster than gzuncompress.
// See: http://www.php.net/manual/en/function.gzdeflate.php#96439
if (is_readable($file)) {
return unserialize(
gzinflate(
base64_decode(
substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
)
);
if (! is_readable($file)) {
return $default;
}
return $default;
$data = file_get_contents($file);
if ($data == '') {
return $default;
}
return unserialize(
gzinflate(
base64_decode(
substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
)
);
}
}

View file

@ -22,6 +22,7 @@ class ThemeUtils
*/
public static function getThemes($tplDir)
{
$tplDir = rtrim($tplDir, '/');
$allTheme = glob($tplDir.'/*', GLOB_ONLYDIR);
$themes = [];
foreach ($allTheme as $value) {