From 8f08b586f1233920cd12604c582e32bd442494a3 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Thu, 20 Oct 2011 05:52:45 -0400
Subject: [PATCH] - Corrected folder paths for folder protection (missing trailing slash).

---
 server/plugins-available/apache2_plugin.inc.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 5a0c215..d00a514 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -1305,7 +1305,7 @@
 		if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
 		if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
 		$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
-		if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
+		if(substr($folder_path,-1) != '/') $folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
@@ -1381,7 +1381,7 @@
 		if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
 		if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
 		$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
-		if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
+		if(substr($folder_path,-1) != '/') $folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
@@ -1417,12 +1417,12 @@
 		if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
 		if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
 		$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
-		if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
+		if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';
 			
 		if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
 		if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
 		$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
-		if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
+		if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {

--
Gitblit v1.9.1