Merge branch 'jquery' of projects.vdr-developer.org:istreamdev into jquery

author: Alib <aliboba@free.fr> 2010-03-23 17:23:53 +0100
committer: Alib <aliboba@free.fr> 2010-03-23 17:23:53 +0100
commit: 39d5e81996d91fb66039c1655f67b4edde3ef381 (patch)
tree: b7287d71d85fb71023e207d4c76a6e8dd900a823 /bin/files.php
parent: 50171cdd7b3b05a62826d88381e6e11ec22d95f3 (diff)
parent: 1247a87685d2cf2389d62909f115178d0768748e (diff)
download: istreamdev-39d5e81996d91fb66039c1655f67b4edde3ef381.tar.gz
istreamdev-39d5e81996d91fb66039c1655f67b4edde3ef381.tar.bz2
1 files changed, 8 insertions, 0 deletions
diff --git a/bin/files.php b/bin/files.php
index e7ffaa9..123644e 100755
--- a/bin/files.php
+++ b/bin/files.php
@@ -161,6 +161,14 @@ function filesgetlisting($dir)
 	$filelisting = array();
 	$folderlisting = array();
 
+	// Check dir
+	if (!isurlvalid($dir, "media") && !isurlvalid($dir, "rec"))
+		return array();
+
+	// Dont allow ..
+	if (preg_match("$\.\.$", $dir))
+		return array();
+
 	$dir_handle = @opendir($dir);
 	if (!$dir_handle)
 		return array();
author	Alib <aliboba@free.fr>	2010-03-23 17:23:53 +0100
committer	Alib <aliboba@free.fr>	2010-03-23 17:23:53 +0100
commit	39d5e81996d91fb66039c1655f67b4edde3ef381 (patch)
tree	b7287d71d85fb71023e207d4c76a6e8dd900a823 /bin/files.php
parent	50171cdd7b3b05a62826d88381e6e11ec22d95f3 (diff)
parent	1247a87685d2cf2389d62909f115178d0768748e (diff)
download	istreamdev-39d5e81996d91fb66039c1655f67b4edde3ef381.tar.gz istreamdev-39d5e81996d91fb66039c1655f67b4edde3ef381.tar.bz2