Ip\Internal\Repository\BrowserModel::pathMustBeInRepository PHP Method

BrowserModel Class Documentation Datei anzeigen Open project: impresspages/impresspages

pathMustBeInRepository() public method

Throw an exception if path goes out of repository dir

public pathMustBeInRepository ( $path, $secure )
$path
$secure

    public function pathMustBeInRepository($path, $secure)
    {
        if (!$path) {
            return;
        }
        if ($path && substr($path, -1) != '/') {
            $path .= '/';
        }
        $relativePath = ipFile('file/repository/' . $path);
        if ($secure) {
            $relativePath = ipFile('file/secure/' . $path);
        }
        //check if we are still in the repository dir (to prevent listing files outside of the repository)
        $relpath = realpath($relativePath);
        if ($secure) {
            if (strpos($relpath, realpath(ipFile('file/secure/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        } else {
            if (strpos($relpath, realpath(ipFile('file/repository/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        }
    }

BrowserModel

__clone

__construct

createPreview

getAvailableFiles

getFile

getFileData

getPath

instance

pathMustBeInRepository