
move function improve to disable ../ in from and to directory

master
filesite 2 years ago
parent
commit
dad269b6e2
  1. 6
      controller/ApiController.php

6
controller/ApiController.php

@ -53,7 +53,7 @@ Class ApiController extends Controller { @@ -53,7 +53,7 @@ Class ApiController extends Controller {
$realpath = preg_replace('/\/$/', '', $realpath);
$arr = explode('/', $realpath);
if (count($arr) < 2) {return '/';}
if (count($arr) < 2 || empty($arr[0])) {return '/';}
array_pop($arr);
return implode('/', $arr);
@ -61,7 +61,7 @@ Class ApiController extends Controller { @@ -61,7 +61,7 @@ Class ApiController extends Controller {
//判断父目录是否合法
protected function isParentDirectoryValid($parentDir) {
if (empty($parentDir) || strpos($parentDir, '../') !== false) {
if (empty($parentDir) || strpos($parentDir, '..') !== false) {
return false;
}else if ($realpath == '/') {
return true;
@ -286,7 +286,7 @@ Class ApiController extends Controller { @@ -286,7 +286,7 @@ Class ApiController extends Controller {
return $this->renderJson(compact('code', 'msg', 'err', 'data'), $this->httpStatus['notAllowed']);
}
$fromFile = str_replace("{$fromParent}/", '', $fromDir);
$fromFile = $this->basename($fromDir);
$toDir = preg_match('/\/$/', $toDir) ? "{$toDir}{$fromFile}" : "{$toDir}/{$fromFile}";
}
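Review bot: In `isParentDirectoryValid` the traversal guard `strpos($parentDir, '..') !== false` is still a substring denylist: it now also rejects legitimate names such as `v1..2`, and it does not establish that the resolved path stays under the served root. A containment check is more robust: canonicalise with `realpath()` and require the result to start with the configured root plus a trailing `/` (the root variable is not visible on this page), keeping the `..` test only as a fast reject. Separately, the `else if ($realpath == '/')` branch in the same function reads `$realpath`, while the parameter is `$parentDir` and no assignment is visible in the hunk; if it is not set earlier, that branch can never be true and should probably read `$parentDir == '/'`. In the first hunk, `empty($arr[0])` is also true for a first segment named `0`; `$arr[0] === ''` would express the leading-slash case exactly. The function bodies continue outside the hunks.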
