Mirrors/ICEcoder
2
0
Fork 0
mirror of https://github.com/icecoder/ICEcoder.git synced 2026-03-03 07:13:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check if requested file is on banned list first

Browse Source
This commit is contained in:
Matt Pass
2016-04-14 08:25:42 +01:00
parent 1e7b735b7f
commit f5705393ee
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/file-control.php
View File

@@ -67,7 +67,15 @@ for ($i=0; $i<count($allFiles); $i++) {
if ($_GET['action']=="load") {
echo 'action="load";';
$lineNumber = max(isset($_REQUEST['lineNumber'])?intval($_REQUEST['lineNumber']):1, 1);
if (isset($ftpSite) || file_exists($file)) {
// Check this file isn't on the banned list at all
$canOpen = true;
for ($i=0;$i<count($_SESSION['bannedFiles']);$i++) {
if($_SESSION['bannedFiles'][$i] != "" && strpos($file,$_SESSION['bannedFiles'][$i])!==false) {$canOpen = false;}
}
if (!$canOpen) {
echo 'fileType="nothing"; top.ICEcoder.message(\''.$t['Sorry, could not...'].' '.$fileLoc."/".$fileName.'\');';
} elseif (isset($ftpSite) || file_exists($file)) {
$finfo = "text";
// Determine what to do based on mime type
if (!isset($ftpSite) && function_exists('finfo_open')) {