Changeset 960
- Timestamp:
- 03/03/2008 02:10:01 AM (3 years ago)
- Location:
- branches/1.1.6.4
- Files:
-
- 2 modified
-
actions/files.php (modified) (2 diffs)
-
handlers/page/files.xml.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
branches/1.1.6.4/actions/files.php
r387 r960 25 25 * @uses Wakka::IsAdmin() 26 26 * @uses Wakka::MiniHref() 27 * @uses Wakka::href() 28 * @uses Wakka::FormClose() 29 * @uses Wakka::GetPageTag() 27 30 * @uses Wakka::htmlspecialchars_ent() 28 31 * … … 196 199 $dir = opendir($upload_path); 197 200 while ($file = readdir($dir)) { 198 if ( $file != '.' && $file != '..') {201 if (!preg_match('/^\\./', $file)) { 199 202 $num++; 200 203 // if ($this->HasAccess('write')) { -
branches/1.1.6.4/handlers/page/files.xml.php
r396 r960 38 38 #$_REQUEST['file'] = basename($_REQUEST['file']); 39 39 $_GET['file'] = basename($_GET['file']); #312 40 if ( $this->HasAccess('read')) {40 if (($this->HasAccess('read')) && (!preg_match('/^\\./', $_GET['file']))) { 41 41 #$path = "{$upload_path}/{$_REQUEST['file']}"; 42 42 $path = $upload_path.DIRECTORY_SEPARATOR.$_GET['file']; #89, #312
