Lots of security and bug fixes

Chris Kankiewicz
2012-02-02 10:36:58 -07:00
parent 63b6372f49
commit 561d198ecd


@@ -39,11 +39,12 @@ class DirectoryLister {
// Prevent access to parent folders
if (substr_count($this->_directory,'.',0,1) !== 0
|| substr_count($this->_directory,'..') !== 0
|| substr_count($this->_directory,'<') !== 0
|| substr_count($this->_directory,'>') !== 0
|| substr_count($this->_directory,'/',0,1) !== 0) {
$this->_directory = '.';
}else{
} else {
// Should stop all URL wrappers (Thanks to Hexatex)
$this->_directory = './' . $this->_directory;
}
@@ -192,33 +193,45 @@ class DirectoryLister {
}
if ($file == '..') {
// Get parent directory path
$pathArray = explode('/', $relativePath);
unset($pathArray[count($pathArray)-1]);
unset($pathArray[count($pathArray)-1]);
$directoryPath = implode('/', $pathArray);
if (!empty($directoryPath)) {
$directoryPath = '?dir=' . $directoryPath;
if ($this->_directory != '.') {
// Get parent directory path
$pathArray = explode('/', $relativePath);
unset($pathArray[count($pathArray)-1]);
unset($pathArray[count($pathArray)-1]);
$directoryPath = implode('/', $pathArray);
if (!empty($directoryPath)) {
$directoryPath = '?dir=' . $directoryPath;
}
// Add file info to the array
$directoryArray['..'] = array(
'file_path' => $this->_appURL . $directoryPath,
'file_size' => '-',
'mod_time' => date("Y-m-d H:i:s", filemtime($realPath)),
'icon' => 'back.png',
'sort' => 0
);
}
} elseif (!in_array($file, $this->_settings['hidden_files'])) {
// Add all non-hidden files
if ($this->_directory == '.' && $file == 'index.php'
|| $this->_settings['hide_dot_files'] && substr($file, 0, 1) == '.') {
// This isn't the file you're looking for. Move along...
} else {
// Add file info to the array
$directoryArray[pathinfo($realPath, PATHINFO_BASENAME)] = array(
'file_path' => $relativePath,
'file_size' => is_dir($realPath) ? '-' : round(filesize($realPath) / 1024) . 'KB',
'mod_time' => date("Y-m-d H:i:s", filemtime($realPath)),
'icon' => $fileIcon,
'sort' => $sort
);
}
// Add file info to the array
$directoryArray['..'] = array(
'file_path' => $this->_appURL . $directoryPath,
'file_size' => '-',
'mod_time' => date("Y-m-d H:i:s", filemtime($realPath)),
'icon' => 'back.png',
'sort' => 0
);
} else {
// Add file info to the array
$directoryArray[pathinfo($realPath, PATHINFO_BASENAME)] = array(
'file_path' => $relativePath,
'file_size' => is_dir($realPath) ? '-' : round(filesize($realPath) / 1024) . 'KB',
'mod_time' => date("Y-m-d H:i:s", filemtime($realPath)),
'icon' => $fileIcon,
'sort' => $sort
);
}
}
}
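Review bot: The parent-folder guard in the first hunk (`@@ -39,11 +39,12`) is still a character blacklist, so it checks what the string looks like rather than where the path resolves; a symlink inside the listed tree, for example, passes every `substr_count()` test. I would keep the string checks and add a `realpath()` containment test in the `else` branch before the `./` prefix is applied, as sketched below. The sketch assumes the listing root is the working directory, which the `'.'` fallback suggests but the hunk does not show. The new `<` / `>` tests look intended to keep markup out of the rendered page; if so, quote characters still pass, and escaping with `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` at the point where the value is printed is the more reliable control. The enclosing method starts and ends outside the hunk, so where `$this->_directory` is populated is not visible here.

```php
// … unchanged: the substr_count() checks that reset $this->_directory to '.' …
} else {
    // Resolve symlinks and relative segments, then require the result to stay under the listing root
    $root = rtrim(realpath('.'), DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $resolved = realpath('./' . $this->_directory);
    if ($resolved === false || strpos($resolved . DIRECTORY_SEPARATOR, $root) !== 0) {
        // Missing target or a path that escapes the root: fall back to the root listing
        $this->_directory = '.';
    } else {
        // Should stop all URL wrappers (Thanks to Hexatex)
        $this->_directory = './' . $this->_directory;
    }
}
```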