[svn r18439] add function disable_dangerous_file see FS#3565

main/work/work.lib.php

@@ -1,4 +1,4 @@
-<?php //$Id: work.lib.php 18437 2009-02-11 16:34:36Z cfasanando $
+<?php //$Id: work.lib.php 18439 2009-02-11 17:24:28Z cvargas1 $
 /* For licensing terms, see /dokeos_license.txt */
 /**
 *	@package dokeos.work
@@ -6,7 +6,7 @@
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
 * 	@author Roan Embrechts, code refactoring and virtual course support
 * 	@author Frederic Vauthier, directories management
-* 	@version $Id: work.lib.php 18437 2009-02-11 16:34:36Z cfasanando $
+* 	@version $Id: work.lib.php 18439 2009-02-11 17:24:28Z cvargas1 $
 */
 /**
  * Displays action links (for admins, authorized groups members and authorized students)
@@ -505,7 +505,9 @@ function display_student_publications_list($work_dir,$sub_course_dir,$currentCou
 					
 					$values = $form_folder -> exportValues();
 					$values = $values['my_group'];			
-					$dir_name = replace_accents($values['dir_name']);		
+					$dir_name = disable_dangerous_file($values['dir_name']);		
+					$dir_name = replace_accents($values['dir_name']);
+					$dir_name = replace_dangerous_char($values['dir_name']);
 					update_dir_name($mydir,$dir_name);
 					$mydir = $my_sub_dir.$dir_name;
 					$dir = $dir_name;
@@ -731,6 +733,8 @@ function get_subdirs_list($basedir='',$recurse=0){
 	$dh = opendir($basedir);
 	while($entry = readdir($dh)) {
 		$entry = replace_accents($entry);
+		$entry = disable_dangerous_file($entry);
+		$entry = replace_dangerous_char($entry);
 		if(is_dir($basedir.$entry) && $entry!='..' && $entry!='.') { 
 			$dirs_list[] = $entry;
 			if($recurse==1) {
@@ -987,7 +991,10 @@ function update_dir_name($path, $new_name)
 		$path_to_dir .= '/';
 	}
 	
+	
 	$new_name=replace_accents($new_name);
+	$new_name=disable_dangerous_file($new_name);
+	$new_name=replace_dangerous_char($new_name);
 	
 	my_rename($base_work_dir.'/'.$path,$new_name);			
 	$table = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

main/work/work.php

@@ -1,4 +1,4 @@
-<?php //$Id: work.php 18437 2009-02-11 16:34:36Z cfasanando $
+<?php //$Id: work.php 18439 2009-02-11 17:24:28Z cvargas1 $
 /* For licensing terms, see /dokeos_license.txt */
 /**
 *	@package dokeos.work
@@ -6,7 +6,7 @@
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University - ability for course admins to specify wether uploaded documents are visible or invisible by default.
 * 	@author Roan Embrechts, code refactoring and virtual course support
 * 	@author Frederic Vauthier, directories management
-*  	@version $Id: work.php 18437 2009-02-11 16:34:36Z cfasanando $
+*  	@version $Id: work.php 18439 2009-02-11 17:24:28Z cvargas1 $
 *
 * 	@todo refactor more code into functions, use quickforms, coding standards, ...
 */
@@ -213,7 +213,6 @@ if (!empty($_POST['submitWork']) || !empty($submitGroupWorkUrl)) {
 	include_once (api_get_path(INCLUDE_PATH) . "lib/fileUpload.lib.php");
 	include_once (api_get_path(INCLUDE_PATH) . "lib/fileDisplay.lib.php"); // need format_url function
 }
-
 // If the POST's size exceeds 8M (default value in php.ini) the $_POST array is emptied
 // If that case happens, we set $submitWork to 1 to allow displaying of the error message
 // The redirection with header() is needed to avoid apache to show an error page on the next request
@@ -492,6 +491,7 @@ if (api_is_allowed_to_edit(false,true)) {
 			include_once (api_get_path(LIBRARY_PATH) . "fileUpload.lib.php");
 			$added_slash = (substr($cur_dir_path, -1, 1) == '/') ? '' : '/';	
 				
+			$directory =disable_dangerous_file($_POST['new_dir']);
 			$directory =replace_accents($_POST['new_dir']);
 			$dir_name = $cur_dir_path . $added_slash . replace_dangerous_char($directory);				
 			$created_dir = create_unexisting_work_directory($base_work_dir, $dir_name);