[svn r17570] FS#2970: ajaxfilemanager: Making the session folder secure.

main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/class.session.php

@@ -114,7 +114,10 @@ class Session
 			{
 				while(false !== ($file = readdir($dirHandler)))
 				{
-					if($file != '.' && $file != '..' && $file != $this->gcCounterFileName && $file != $this->gcLogFileName && $file != session_id() )
+                    // This is to preserve the empty index.html and during development - the hidden .svn folder.
+					//if($file != '.' && $file != '..' && $file != $this->gcCounterFileName && $file != $this->gcLogFileName && $file != session_id() )
+					if($file != '.' && $file != '..' && $file != $this->gcCounterFileName && $file != $this->gcLogFileName && $file != session_id()
+						&& $file != 'index.html' && $file != '.svn')
 					{						
 						$path=$this->dir.$file;
 						$output .= $path ;
@@ -226,4 +229,4 @@ class Session
 
     
 }
-?>
+?>

main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/session/index.html

@@ -0,0 +1,8 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+</head>
+<body>
+<br />
+</body>
+</html>