Skip to content
Snippets Groups Projects
Commit 5de800d3 authored by Patrick Barroca's avatar Patrick Barroca :grin:
Browse files

hotline #67793 : renaming to .htaccess is forbidden

parent d89d51da
Branches
Tags
4 merge requests!2420Hotline master,!2415Master,!2414Hotline master,!2412Hotline#67693 core five filemanager rendre impossible l envoi de fichier htaccess
Pipeline #2938 failed with stage
in 26 minutes and 56 seconds
......@@ -30,15 +30,33 @@ function auth() {
require_once($base_path . 'cosmogramme/storm_init.php');
$file_manager = new Class_FileManager();
// rename
if (array_key_exists('mode', $_GET)
&& 'rename' == $_GET['mode']
&& array_key_exists('old', $_GET)) {
$suffix = '';
if(substr($_GET['old'], -1, 1) == '/') {
$_GET['old'] = substr($_GET['old'],0,(strlen($_GET['old'])-1));
$suffix = '/';
}
$tmp = explode('/', $_GET['old']);
$filename = $tmp[(sizeof($tmp)-1)];
$path = str_replace('/' . $filename,'', $_GET['old']);
return $file_manager->isAuthorized($_GET['old'])
&& $file_manager->isAuthorized($path . '/' . $_GET['new']);
}
$path = array_key_exists('path', $_GET) ? $_GET['path'] : '';
// add
$path = array_key_exists('currentpath', $_POST) && array_key_exists('filename', $_POST)
? $_POST['currentpath'] . $_POST['filename'] : $path;
$path = (array_key_exists('mode', $_GET) && 'rename' == $_GET['mode'] && array_key_exists('old', $_GET))
? $_GET['old'] : $path;
return (new Class_FileManager())->isAuthorized($path);
return $file_manager->isAuthorized($path);
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment