From cd2fa2dd9b9a63304b0489fc94f81a26ba39bfa3 Mon Sep 17 00:00:00 2001
From: Cameron <e107inc@gmail.com>
Date: Sun, 2 Apr 2017 14:30:30 -0700
Subject: [PATCH] Plugin class: check for bad folder names.

---
 e107_handlers/plugin_class.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/e107_handlers/plugin_class.php b/e107_handlers/plugin_class.php
index b6b3cb75e..1b00a6130 100644
--- a/e107_handlers/plugin_class.php
+++ b/e107_handlers/plugin_class.php
@@ -474,11 +474,13 @@ class e_plugin
 
 		$arr = array();
 
+		var_dump($dirs);
+
 		foreach($dirs as $plugName)
 		{
 			$ret = null;
 
-			if(empty($plugName) || $plugName === '.' || $plugName === '..' || !is_dir(e_PLUGIN.$plugName))
+			if((htmlentities($plugName) != $plugName) || empty($plugName) || $plugName === '.' || $plugName === '..' || !is_dir(e_PLUGIN.$plugName))
 			{
 				continue;
 			}