diff options
Diffstat (limited to 'core/Filesystem.php')
-rw-r--r-- | core/Filesystem.php | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/core/Filesystem.php b/core/Filesystem.php index c22a4d0b21..585246a0cd 100644 --- a/core/Filesystem.php +++ b/core/Filesystem.php @@ -94,6 +94,8 @@ class Filesystem // enough! we're not going to make the directory world-writeable } } + + self::createIndexFilesToPreventDirectoryListing($path); } /** @@ -443,8 +445,7 @@ class Filesystem */ private static function getChmodForPath($path) { - $pathIsTmp = StaticContainer::get('path.tmp'); - if (strpos($path, $pathIsTmp) === 0) { + if (self::isPathWithinTmpFolder($path)) { // tmp/* folder return 0750; } @@ -504,4 +505,34 @@ class Filesystem return true; } + + /** + * @param $path + * @return bool + */ + private static function isPathWithinTmpFolder($path) + { + $pathIsTmp = StaticContainer::get('path.tmp'); + $isPathWithinTmpFolder = strpos($path, $pathIsTmp) === 0; + return $isPathWithinTmpFolder; + } + + /** + * in tmp/ (sub-)folder(s) we create empty index.htm|php files + * + * @param $path + */ + private static function createIndexFilesToPreventDirectoryListing($path) + { + if (!self::isPathWithinTmpFolder($path)) { + return; + } + $filesToCreate = array( + $path . '/index.htm', + $path . '/index.php' + ); + foreach ($filesToCreate as $file) { + @file_put_contents($file, 'Nothing to see here.'); + } + } } |