diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2013-03-12 22:35:31 +0100 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2013-03-12 22:35:31 +0100 |
| commit | 567eefb2bd2bf280391786ea171dad0bdb0b442d (patch) | |
| tree | 1d3ca93557b8efa7f9ddfd2cbdaa80795297d3d7 | |
| parent | d6930df7a22f47619cc4f5e705b64447060b6c32 (diff) | |
| download | forums-567eefb2bd2bf280391786ea171dad0bdb0b442d.tar forums-567eefb2bd2bf280391786ea171dad0bdb0b442d.tar.gz forums-567eefb2bd2bf280391786ea171dad0bdb0b442d.tar.bz2 forums-567eefb2bd2bf280391786ea171dad0bdb0b442d.tar.xz forums-567eefb2bd2bf280391786ea171dad0bdb0b442d.zip | |
[ticket/11362] Correctly sanitise the directory path
We need to correctly remove ../ form the path if possible by removing the
previous folder aswell. Otherwise the finder is unable to locate /adm/style
directories in extensions as he is looking for /adm/../adm/style instead.
PHPBB3-11362
| -rw-r--r-- | phpBB/includes/extension/finder.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/extension/finder.php b/phpBB/includes/extension/finder.php index f71e32bc8d..d9aacc38ff 100644 --- a/phpBB/includes/extension/finder.php +++ b/phpBB/includes/extension/finder.php @@ -227,7 +227,7 @@ class phpbb_extension_finder */ protected function sanitise_directory($directory) { - $directory = preg_replace('#(?:^|/)\./#', '/', $directory); + $directory = phpbb_clean_path($directory); $dir_len = strlen($directory); if ($dir_len > 1 && $directory[$dir_len - 1] === '/') |