diff options
| author | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
| commit | 77266bc6a01668b2106b9974da02e2a7ceaf2fe6 (patch) | |
| tree | 955346c3278c03a2ff4174b9d078e9416a298ee9 /system/helpers | |
| parent | a9874a638970ef826f835718e58b197ff3672566 (diff) | |
| parent | 0b9540209499fbd0515e13fdc66e85dea4b6baad (diff) | |
Merge branch '3.1-stable' into develop
Conflicts resolved:
.travis.yml
system/core/CodeIgniter.php
system/database/drivers/oci8/oci8_forge.php
system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
system/helpers/path_helper.php
system/libraries/Email.php
user_guide_src/source/changelog.rst
user_guide_src/source/conf.py
user_guide_src/source/contributing/index.rst
user_guide_src/source/general/requirements.rst
user_guide_src/source/general/styleguide.rst
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrade_310.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/helpers')
| -rw-r--r-- | system/helpers/file_helper.php | 8 | ||||
| -rw-r--r-- | system/helpers/path_helper.php | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index 0d8d1d0d9..3cb36a551 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -138,13 +138,15 @@ if ( ! function_exists('delete_files')) { if ($filename !== '.' && $filename !== '..') { - if (is_dir($path.DIRECTORY_SEPARATOR.$filename) && $filename[0] !== '.') + $filepath = $path.DIRECTORY_SEPARATOR.$filename; + + if (is_dir($filepath) && $filename[0] !== '.' && ! is_link($filepath)) { - delete_files($path.DIRECTORY_SEPARATOR.$filename, $del_dir, $htdocs, $_level + 1); + delete_files($filepath, $del_dir, $htdocs, $_level + 1); } elseif ($htdocs !== TRUE OR ! preg_match('/^(\.htaccess|index\.(html|htm|php)|web\.config)$/i', $filename)) { - @unlink($path.DIRECTORY_SEPARATOR.$filename); + @unlink($filepath); } } } diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 18e175093..6c846a211 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path) { show_error('The path you submitted must be a local server path, not a URL'); } |