mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-29 18:47:54 +01:00
Code Issues Releases Wiki Activity

Plugin class: check for bad folder names.

Browse Source
This commit is contained in:
Cameron 2017-04-02 14:30:30 -07:00
parent b3c4d82698
commit cd2fa2dd9b
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
e107_handlers/plugin_class.php
View File

@ -474,11 +474,13 @@ class e_plugin
$arr = array();
var_dump($dirs);
foreach($dirs as $plugName)
{
$ret = null;
if(empty($plugName) || $plugName === '.' || $plugName === '..' || !is_dir(e_PLUGIN.$plugName))
if((htmlentities($plugName) != $plugName) || empty($plugName) || $plugName === '.' || $plugName === '..' || !is_dir(e_PLUGIN.$plugName))
{
continue;
}