diff options
| author | Robin Appelman <icewind@owncloud.com> | 2012-11-03 00:21:10 +0100 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2012-11-03 00:26:36 +0100 |
| commit | 4c0c78d15deac7bc53c1bf0e967972ac7e9525f4 (patch) | |
| tree | 41c3e2b334e1f577e790a0d95348122e041f4ad1 /lib | |
| parent | 503922ff6cd6d80c9c5cdd58925d76de00d2f311 (diff) | |
| download | nextcloud-server-4c0c78d15deac7bc53c1bf0e967972ac7e9525f4.tar.gz nextcloud-server-4c0c78d15deac7bc53c1bf0e967972ac7e9525f4.zip | |
check for filename blacklist in OC_Filesystem::isValidPath
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/filesystem.php | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/filesystem.php b/lib/filesystem.php index 79bce2c6d00..852290e62ac 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -403,6 +403,9 @@ class OC_Filesystem{ if(strstr($path, '/../') || strrchr($path, '/') === '/..' ) { return false; } + if(self::isFileBlacklisted($path)){ + return false; + } return true; } @@ -412,20 +415,22 @@ class OC_Filesystem{ * @param array $data from hook */ static public function isBlacklisted($data) { - $blacklist = array('.htaccess'); if (isset($data['path'])) { $path = $data['path']; } else if (isset($data['newpath'])) { $path = $data['newpath']; } if (isset($path)) { - $filename = strtolower(basename($path)); - if (in_array($filename, $blacklist)) { - $data['run'] = false; - } + $data['run'] = !self::isFileBlacklisted($path); } } + static public function isFileBlacklisted($path){ + $blacklist = array('.htaccess'); + $filename = strtolower(basename($path)); + return in_array($filename, $blacklist); + } + /** * following functions are equivilent to their php buildin equivilents for arguments/return values. */ |