diff options
| author | Cesar G <prototech91@gmail.com> | 2013-12-12 14:40:03 -0800 |
|---|---|---|
| committer | Cesar G <prototech91@gmail.com> | 2013-12-12 14:40:03 -0800 |
| commit | c42bd28d172a9ae7439cc3868ebfda87e93f3490 (patch) | |
| tree | 40fee8bfa4ed9c2ee2ba2ab9b69d22f22f921cea /phpBB/phpbb/extension | |
| parent | 2735982c551d6537bd49fda265c82fdd3471fa36 (diff) | |
| download | forums-c42bd28d172a9ae7439cc3868ebfda87e93f3490.tar forums-c42bd28d172a9ae7439cc3868ebfda87e93f3490.tar.gz forums-c42bd28d172a9ae7439cc3868ebfda87e93f3490.tar.bz2 forums-c42bd28d172a9ae7439cc3868ebfda87e93f3490.tar.xz forums-c42bd28d172a9ae7439cc3868ebfda87e93f3490.zip | |
[ticket/12009] Prevent user from enabling invalid extension through direct URL
PHPBB3-12009
Diffstat (limited to 'phpBB/phpbb/extension')
| -rw-r--r-- | phpBB/phpbb/extension/metadata_manager.php | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/phpBB/phpbb/extension/metadata_manager.php b/phpBB/phpbb/extension/metadata_manager.php index d0323120d8..66cdb86513 100644 --- a/phpBB/phpbb/extension/metadata_manager.php +++ b/phpBB/phpbb/extension/metadata_manager.php @@ -266,8 +266,8 @@ class metadata_manager */ public function validate_enable() { - // Check for phpBB, PHP versions - if (!$this->validate_require_phpbb() || !$this->validate_require_php()) + // Check for valid directory & phpBB, PHP versions + if (!$this->validate_dir() || !$this->validate_require_phpbb() || !$this->validate_require_php()) { return false; } @@ -275,6 +275,16 @@ class metadata_manager return true; } + /** + * Validates the most basic directory structure to ensure it follows <vendor>/<ext> convention. + * + * @return boolean True when passes validation + */ + public function validate_dir() + { + return (substr_count($this->ext_name, '/') === 1 && $this->ext_name == $this->get_metadata('name')); + } + /** * Validates the contents of the phpbb requirement field |