scratch – Diff between revs 96 and 102
Rev 96 | Rev 102 | |||
---|---|---|---|---|
Line 73... | Line 73... | |||
73 | $config['STORE_FOLDER'], |
73 | $config['STORE_FOLDER'], |
|
74 | $file |
74 | $file |
|
75 | ) |
75 | ) |
|
76 | ); |
76 | ); |
|
Line 77... | Line 77... | |||
77 | |
77 | |
|
78 | #### Check for path traversals |
78 | #### Check for path traversals. |
|
79 | $pathPart = pathinfo($userPath.'.'.$fileExtension); |
79 | $pathPart = pathinfo($userPath.'.'.$fileExtension); |
|
80 | if (strcasecmp( |
80 | if (strcasecmp( |
|
81 | realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
81 | realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
|
82 | http_response_code(500); |
82 | http_response_code(500); |