diff options
author | VirtualTam <virtualtam@flibidi.net> | 2017-09-19 20:21:28 +0200 |
---|---|---|
committer | VirtualTam <virtualtam@flibidi.net> | 2017-09-28 21:57:20 +0200 |
commit | e4325b1517c3d9769c8e0141e37b2845bf8e4d09 (patch) | |
tree | e16af52e1a9ce4a56693e4fe4eb01cbc5112fb86 /application | |
parent | 0cba184cf80423d990aba09a2a0a1f2b9c5882b7 (diff) | |
download | Shaarli-e4325b1517c3d9769c8e0141e37b2845bf8e4d09.tar.gz Shaarli-e4325b1517c3d9769c8e0141e37b2845bf8e4d09.tar.zst Shaarli-e4325b1517c3d9769c8e0141e37b2845bf8e4d09.zip |
Robustness: safer RainTPL directory handling
Relates to https://github.com/shaarli/Shaarli/issues/845
Relates to https://github.com/shaarli/Shaarli/issues/846
Relates to https://github.com/shaarli/Shaarli/pull/909
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'application')
-rw-r--r-- | application/ApplicationUtils.php | 5 | ||||
-rw-r--r-- | application/ThemeUtils.php | 1 |
2 files changed, 4 insertions, 2 deletions
diff --git a/application/ApplicationUtils.php b/application/ApplicationUtils.php index 85dcbeeb..123cc0b3 100644 --- a/application/ApplicationUtils.php +++ b/application/ApplicationUtils.php | |||
@@ -168,14 +168,15 @@ class ApplicationUtils | |||
168 | public static function checkResourcePermissions($conf) | 168 | public static function checkResourcePermissions($conf) |
169 | { | 169 | { |
170 | $errors = array(); | 170 | $errors = array(); |
171 | $rainTplDir = rtrim($conf->get('resource.raintpl_tpl'), '/'); | ||
171 | 172 | ||
172 | // Check script and template directories are readable | 173 | // Check script and template directories are readable |
173 | foreach (array( | 174 | foreach (array( |
174 | 'application', | 175 | 'application', |
175 | 'inc', | 176 | 'inc', |
176 | 'plugins', | 177 | 'plugins', |
177 | $conf->get('resource.raintpl_tpl'), | 178 | $rainTplDir, |
178 | $conf->get('resource.raintpl_tpl').'/'.$conf->get('resource.theme'), | 179 | $rainTplDir.'/'.$conf->get('resource.theme'), |
179 | ) as $path) { | 180 | ) as $path) { |
180 | if (! is_readable(realpath($path))) { | 181 | if (! is_readable(realpath($path))) { |
181 | $errors[] = '"'.$path.'" directory is not readable'; | 182 | $errors[] = '"'.$path.'" directory is not readable'; |
diff --git a/application/ThemeUtils.php b/application/ThemeUtils.php index 2718ed13..16f2f6a2 100644 --- a/application/ThemeUtils.php +++ b/application/ThemeUtils.php | |||
@@ -22,6 +22,7 @@ class ThemeUtils | |||
22 | */ | 22 | */ |
23 | public static function getThemes($tplDir) | 23 | public static function getThemes($tplDir) |
24 | { | 24 | { |
25 | $tplDir = rtrim($tplDir, '/'); | ||
25 | $allTheme = glob($tplDir.'/*', GLOB_ONLYDIR); | 26 | $allTheme = glob($tplDir.'/*', GLOB_ONLYDIR); |
26 | $themes = []; | 27 | $themes = []; |
27 | foreach ($allTheme as $value) { | 28 | foreach ($allTheme as $value) { |