diff options
author | Robin Appelman <icewind@owncloud.com> | 2012-11-03 03:21:10 +0400 |
---|---|---|
committer | Robin Appelman <icewind@owncloud.com> | 2012-11-03 03:23:48 +0400 |
commit | 4b86c43f9714f2fee6a2030f22a4a314b538bf9e (patch) | |
tree | fef968ad8e01667023c1b3a89a611af9aad0701d /lib | |
parent | 6540c0fc63347e8145534e09419e0f7ff4fd2e3a (diff) |
check for filename blacklist in OC_Filesystem::isValidPath
Diffstat (limited to 'lib')
-rw-r--r-- | lib/filesystem.php | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/lib/filesystem.php b/lib/filesystem.php index ea415b00665..ede4fe4aa14 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -368,6 +368,9 @@ class OC_Filesystem{ if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ return false; } + if(self::isFileBlacklisted($path)){ + return false; + } return true; } @@ -376,21 +379,23 @@ class OC_Filesystem{ * Listens to write and rename hooks * @param array $data from hook */ - static public function isBlacklisted($data){ - $blacklist = array('.htaccess'); + static public function isBlacklisted($data) { if (isset($data['path'])) { $path = $data['path']; } else if (isset($data['newpath'])) { $path = $data['newpath']; } if (isset($path)) { - $filename = strtolower(basename($path)); - if (in_array($filename, $blacklist)) { - $data['run'] = false; - } + $data['run'] = !self::isFileBlacklisted($path); } } - + + static public function isFileBlacklisted($path){ + $blacklist = array('.htaccess'); + $filename = strtolower(basename($path)); + return in_array($filename, $blacklist); + } + /** * following functions are equivalent to their php builtin equivalents for arguments/return values. */ |