diff options
| author | Máté Bartus <mate.bartus@gmail.com> | 2017-09-09 12:07:52 +0200 |
|---|---|---|
| committer | Máté Bartus <mate.bartus@gmail.com> | 2017-09-09 12:07:52 +0200 |
| commit | c265eab081cce761d150cf4a641ead5483193ab7 (patch) | |
| tree | c9a1f46f3c1c3e54a21d0e6148da7ee6284b9b29 /phpBB/phpbb/session.php | |
| parent | 16da17a4ba4b55404dba2b3416d8c62971ba16ca (diff) | |
| parent | c368d170cf09d06ff63249d4405323e6108d90bb (diff) | |
| download | forums-c265eab081cce761d150cf4a641ead5483193ab7.tar forums-c265eab081cce761d150cf4a641ead5483193ab7.tar.gz forums-c265eab081cce761d150cf4a641ead5483193ab7.tar.bz2 forums-c265eab081cce761d150cf4a641ead5483193ab7.tar.xz forums-c265eab081cce761d150cf4a641ead5483193ab7.zip | |
Merge pull request #4932 from Nicofuma/ticket/15351
[ticket/15351] Makes confirm_works in a router context (app.php)
Diffstat (limited to 'phpBB/phpbb/session.php')
| -rw-r--r-- | phpBB/phpbb/session.php | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index c5b50c2b07..6b5b8f2625 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -91,9 +91,18 @@ class session $page_name .= str_replace('%2F', '/', urlencode($symfony_request_path)); } - // current directory within the phpBB root (for example: adm) - $root_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath($root_path))); - $page_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath('./'))); + if (substr($root_path, 0, 2) === './' && strpos($root_path, '..') === false) + { + $root_dirs = explode('/', str_replace('\\', '/', rtrim($root_path, '/'))); + $page_dirs = explode('/', str_replace('\\', '/', '.')); + } + else + { + // current directory within the phpBB root (for example: adm) + $root_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath($root_path))); + $page_dirs = explode('/', str_replace('\\', '/', $phpbb_filesystem->realpath('./'))); + } + $intersection = array_intersect_assoc($root_dirs, $page_dirs); $root_dirs = array_diff_assoc($root_dirs, $intersection); |