diff options
| author | TheTroll <trolldev@gmail.com> | 2010-03-23 13:59:27 +0100 |
|---|---|---|
| committer | TheTroll <trolldev@gmail.com> | 2010-03-23 13:59:27 +0100 |
| commit | be27c9fd4fc24205475c1f8eb4332bde6959c8dc (patch) | |
| tree | a7104b8a2831d1fd39c08036f5f495b90c5dd1ff /bin/files.php | |
| parent | 4568b0e65d4f029384aeec26e2b2df6b8f37ffc2 (diff) | |
| download | istreamdev-be27c9fd4fc24205475c1f8eb4332bde6959c8dc.tar.gz istreamdev-be27c9fd4fc24205475c1f8eb4332bde6959c8dc.tar.bz2 | |
Now check URL validity
Diffstat (limited to 'bin/files.php')
| -rwxr-xr-x | bin/files.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/bin/files.php b/bin/files.php index e7ffaa9..123644e 100755 --- a/bin/files.php +++ b/bin/files.php @@ -161,6 +161,14 @@ function filesgetlisting($dir) $filelisting = array(); $folderlisting = array(); + // Check dir + if (!isurlvalid($dir, "media") && !isurlvalid($dir, "rec")) + return array(); + + // Dont allow .. + if (preg_match("$\.\.$", $dir)) + return array(); + $dir_handle = @opendir($dir); if (!$dir_handle) return array(); |