[3.1.0] Extend scanner to catch $this->config; chmod new directories from Serializer. I'm not exactly sure what the implications of the bugfix are, but hopefully it won't blow up.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1708 48356398-32a2-884e-a903-53898d9a118a
2025-07-31 19:30:21 +02:00 · 2008-05-13 03:17:38 +00:00
parent e0c0d8eab6
commit 77ce3e8b4a
6 changed files with 61 additions and 44 deletions
--- a/library/HTMLPurifier/DefinitionCache/Serializer.php
+++ b/library/HTMLPurifier/DefinitionCache/Serializer.php
@@ -100,18 +100,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
     * @return Number of bytes written if success, or false if failure.
     */
    private function _write($file, $data) {
-        static $file_put_contents;
-        if ($file_put_contents === null) {
-            $file_put_contents = function_exists('file_put_contents');
-        }
-        if ($file_put_contents) {
-            return file_put_contents($file, $data);
-        }
-        $fh = fopen($file, 'w');
-        if (!$fh) return false;
-        $status = fwrite($fh, $data);
-        fclose($fh);
-        return $status;
+        return file_put_contents($file, $data);
    }
    
    /**
@@ -130,7 +119,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends
            } elseif (!$this->_testPermissions($base)) {
                return false;
            }
+            $old = umask(0022); // disable group and world writes
            mkdir($directory);
+            umask($old);
        } elseif (!$this->_testPermissions($directory)) {
            return false;
        }