From e4325b1517c3d9769c8e0141e37b2845bf8e4d09 Mon Sep 17 00:00:00 2001
From: VirtualTam
Date: Tue, 19 Sep 2017 20:21:28 +0200
Subject: [PATCH] Robustness: safer RainTPL directory handling

Relates to https://github.com/shaarli/Shaarli/issues/845
Relates to https://github.com/shaarli/Shaarli/issues/846
Relates to https://github.com/shaarli/Shaarli/pull/909
Signed-off-by: VirtualTam
---
 application/ApplicationUtils.php | 5 +++--
 application/ThemeUtils.php | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php
index 85dcbee..123cc0b 100644
--- a/application/ApplicationUtils.php
+++ b/application/ApplicationUtils.php
@@ -168,14 +168,15 @@ class ApplicationUtils
 public static function checkResourcePermissions($conf)
 {
 $errors = array();
+ $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/');
 // Check script and template directories are readable
 foreach (array(
 'application',
 'inc',
 'plugins',
- $conf->get('resource.raintpl_tpl'),
- $conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'),
+ $rainTplDir,
+ $rainTplDir.'/'.$conf->get('resource.theme'),
 ) as $path) {
 if (! is_readable(realpath($path))) {
 $errors[] = '"'.$path.'" directory is not readable';
diff --git a/application/ThemeUtils.php b/application/ThemeUtils.php
index 2718ed1..16f2f6a 100644
--- a/application/ThemeUtils.php
+++ b/application/ThemeUtils.php
@@ -22,6 +22,7 @@ class ThemeUtils
 */
 public static function getThemes($tplDir)
 {
+ $tplDir = rtrim($tplDir, '/');
 $allTheme = glob($tplDir.'/*', GLOB_ONLYDIR);
 $themes = [];
 foreach ($allTheme as $value) {
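Review bot: The trimmed `$rainTplDir` is used without checking that anything is left of it. If `resource.raintpl_tpl` is empty or just `/`, it becomes `''`, and `realpath('')` resolves to the current working directory, so the readability check passes for a directory that is not the template directory while the theme entry becomes `/<theme>` at the filesystem root. Report that case before the loop, e.g. `if ($rainTplDir === '') { $errors[] = '"resource.raintpl_tpl" is not set'; }`. The same unchecked `rtrim()` is added in `ThemeUtils::getThemes()`, where an empty `$tplDir` turns the glob pattern into `/*`. What `$conf->get()` returns for a missing key is not visible here, and the body of `checkResourcePermissions()` continues past the end of the hunk.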
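Review bot: `glob()` can return `false` on error, and the unchanged `foreach ($allTheme as $value)` just below the new line iterates the result without a check, which raises a warning instead of yielding an empty theme list. Since the change is about robust directory handling, guard the result, e.g. `$allTheme = glob($tplDir.'/*', GLOB_ONLYDIR) ?: [];`. Trimming only `'/'` also leaves a trailing backslash in place; `rtrim($tplDir, '/\\')` would cover both separators if Windows hosting is supported. The body of `getThemes()` continues outside the hunk.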