Replace * when analysing bannedFiles list

Matt Pass
2016-04-24 11:14:18 +01:00
parent f6d19d2650
commit 2727bcb3e8
4 changed files with 4 additions and 4 deletions


@@ -73,7 +73,7 @@ if (!$error) {
// Die if the file requested isn't something we expect
if(
// On the banned file/dir list
($_SESSION['bannedFiles'][$i] != "" && strpos($allFiles[$i],$_SESSION['bannedFiles'][$i])!==false) ||
(str_replace("*","",$_SESSION['bannedFiles'][$i]) != "" && strpos($allFiles[$i],str_replace("*","",$_SESSION['bannedFiles'][$i]))!==false) ||
// A local folder that isn't the doc root or starts with the doc root
($_GET['action']!="getRemoteFile" && !isset($ftpSite) &&
rtrim($allFiles[$i],"/") !== rtrim($docRoot,"/") &&
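Review bot: Both `$allFiles[$i]` and `$_SESSION['bannedFiles'][$i]` are indexed with the same `$i`, so each requested path is compared only with the banned entry at the same position, not with the whole list. The enclosing loop starts outside this hunk, but if `$i` walks `$allFiles`, a path passes this check whenever the entry at its position does not match. The same happens when the position lies past the end of the banned list, where the entry is undefined and the `!= ""` guard switches the test off. Two other file sections in this commit loop over the banned list for each path; doing the same here and feeding one flag into the condition would close the gap. The `if(` condition continues beyond the hunk.

```php
// Compare this path with every banned entry, not only the one at index $i
$isBanned = false;
foreach ($_SESSION['bannedFiles'] as $bannedEntry) {
    $needle = str_replace("*","",$bannedEntry);
    if ($needle != "" && strpos($allFiles[$i],$needle)!==false) {
        $isBanned = true;
        break;
    }
}
if(
    // On the banned file/dir list
    $isBanned ||
    // … unchanged: local folder / doc root checks …
```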


@@ -70,7 +70,7 @@ if ($_GET['action']=="load") {
// Check this file isn't on the banned list at all
$canOpen = true;
for ($i=0;$i<count($_SESSION['bannedFiles']);$i++) {
if($_SESSION['bannedFiles'][$i] != "" && strpos($file,$_SESSION['bannedFiles'][$i])!==false) {$canOpen = false;}
if(str_replace("*","",$_SESSION['bannedFiles'][$i]) != "" && strpos($file,str_replace("*","",$_SESSION['bannedFiles'][$i]))!==false) {$canOpen = false;}
}
if (!$canOpen) {
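Review bot: Removing `*` and then calling `strpos()` treats every banned entry as a literal, case-sensitive substring, so the wildcard is discarded rather than honoured. An entry with `*` in the middle collapses into a string the intended files do not contain, and on a case-insensitive filesystem a differently cased name is not matched. The same test appears in the other three file sections of this commit. If entries are meant to be glob patterns, a real matcher keeps the deny list reliable, e.g. `$pattern = $_SESSION['bannedFiles'][$i];` then `if (str_replace("*","",$pattern) != "" && fnmatch("*".$pattern."*", $file, FNM_CASEFOLD)) {$canOpen = false;}`; `?` and `[` in existing entries would then become special. Whether `$file` is canonicalised before this loop is not visible in the hunk.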


@@ -143,7 +143,7 @@ if (isset($ftpSite)) {
foreach($finalArray as $entry) {
$canAdd = true;
for ($i=0;$i<count($_SESSION['bannedFiles']);$i++) {
if($_SESSION['bannedFiles'][$i] != "" && strpos($entry,$_SESSION['bannedFiles'][$i])!==false) {$canAdd = false;}
if(str_replace("*","",$_SESSION['bannedFiles'][$i]) != "" && strpos($entry,str_replace("*","",$_SESSION['bannedFiles'][$i]))!==false) {$canAdd = false;}
}
// Only applicable for local dir, ignoring ICEcoder's dir
if (!isset($ftpSite) && $docRoot.$iceRoot.$location."/".$entry == $docRoot.$ICEcoderDir) {


@@ -130,7 +130,7 @@ if (startTab!=top.ICEcoder.selectedTab) {
$foundInSelFile = false;
// Exclude banned files
for ($i=0;$i<count($ICEcoder['bannedFiles']);$i++) {
if (strpos($f,$ICEcoder['bannedFiles'][$i])!==false) {$bFile = true;};
if (strpos($f,str_replace("*","",$ICEcoder['bannedFiles'][$i]))!==false) {$bFile = true;};
}
// Exclude the folder ICEcoder is running from
$rootPrefix = '/'.str_replace("/","\/",preg_quote(str_replace("\\","/",$docRoot))).'/';
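Review bot: The `strpos()` call on `$f` that strips `*` has no empty-string guard, unlike the three other call sites changed in this commit. An entry that is empty or consists only of `*` yields an empty needle. On PHP 8 `strpos($f, "")` returns 0, so `$bFile` becomes true and every file is excluded, while older versions raise an empty-needle warning instead. Guard it the same way: `$needle = str_replace("*","",$ICEcoder['bannedFiles'][$i]);` then `if ($needle != "" && strpos($f,$needle)!==false) {$bFile = true;}`. The `;` after the closing brace is an empty statement and can be dropped.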