@ -54,20 +54,17 @@ |
|
|
|
|
class Security{ |
|
|
|
|
var $clean = array(); |
|
|
|
|
/** |
|
|
|
|
* Checks if the relative path given is really under the checker path |
|
|
|
|
* @param string Relative path to be checked (relative to the current directory) (with trailing slash) |
|
|
|
|
* Checks if the absolute path given is really under the checker path |
|
|
|
|
* @param string Absolute path to be checked (with trailing slash) |
|
|
|
|
* @param string Checker path under which the path should be (with trailing slash) |
|
|
|
|
* @return bool True if the path is under the checker, false otherwise |
|
|
|
|
*/ |
|
|
|
|
function check_rel_path($rel_path,$checker_path) |
|
|
|
|
function check_abs_path($abs_path,$checker_path) |
|
|
|
|
{ |
|
|
|
|
if(empty($checker_path)){return false;} //checker path must be set |
|
|
|
|
$current_path = getcwd(); //no trailing slash |
|
|
|
|
if(substr($rel_path,-1,1)!='/'){ |
|
|
|
|
$rel_path = '/'.$rel_path; |
|
|
|
|
} |
|
|
|
|
$abs_path = $current_path.$rel_path; |
|
|
|
|
|
|
|
|
|
$true_path=str_replace("\\", "/", realpath($abs_path)); |
|
|
|
|
|
|
|
|
|
$found = strpos($true_path.'/',$checker_path); |
|
|
|
|
if($found===0) |
|
|
|
|
{ |
|
|
|
|
@ -76,17 +73,20 @@ class Security{ |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
/** |
|
|
|
|
* Checks if the absolute path given is really under the checker path |
|
|
|
|
* @param string Absolute path to be checked (with trailing slash) |
|
|
|
|
* Checks if the relative path given is really under the checker path |
|
|
|
|
* @param string Relative path to be checked (relative to the current directory) (with trailing slash) |
|
|
|
|
* @param string Checker path under which the path should be (with trailing slash) |
|
|
|
|
* @return bool True if the path is under the checker, false otherwise |
|
|
|
|
*/ |
|
|
|
|
function check_abs_path($abs_path,$checker_path) |
|
|
|
|
function check_rel_path($rel_path,$checker_path) |
|
|
|
|
{ |
|
|
|
|
if(empty($checker_path)){return false;} //checker path must be set |
|
|
|
|
|
|
|
|
|
$current_path = getcwd(); //no trailing slash |
|
|
|
|
if(substr($rel_path,-1,1)!='/'){ |
|
|
|
|
$rel_path = '/'.$rel_path; |
|
|
|
|
} |
|
|
|
|
$abs_path = $current_path.$rel_path; |
|
|
|
|
$true_path=str_replace("\\", "/", realpath($abs_path)); |
|
|
|
|
|
|
|
|
|
$found = strpos($true_path.'/',$checker_path); |
|
|
|
|
if($found===0) |
|
|
|
|
{ |
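Review bot: The added condition `if(substr($rel_path,-1,1)!='/'){` in check_rel_path tests the last character of $rel_path, yet the branch prepends a leading slash, so a value such as `foo` becomes `/foo` while a value that ends in '/' but does not start with one is concatenated to getcwd() with no separator at all. If the separator between the current directory and the relative path is what matters, the test should read `if(substr($rel_path,0,1)!='/'){`; the docblock's "(with trailing slash)" wording describes what the current condition checks, so either the comment or the condition should change. The same line sits on the removed side of the first hunk, so the defect predates this move rather than being introduced by it. Separately, `realpath($abs_path)` returns false for a path that does not exist, which str_replace turns into an empty string, so `$true_path.'/'` collapses to `/` and the strpos prefix test succeeds whenever $checker_path is `/`; capturing the result first, `$real = realpath($abs_path); if($real===false){return false;}`, and only then normalising the slashes makes that case an explicit rejection. check_rel_path's body continues past the end of the hunk.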
|
|
|
|
@ -137,6 +137,15 @@ class Security{ |
|
|
|
|
} |
|
|
|
|
return false; |
|
|
|
|
} |
|
|
|
|
/** |
|
|
|
|
* Clear the security token from the session |
|
|
|
|
* @return void |
|
|
|
|
*/ |
|
|
|
|
function clear_token() |
|
|
|
|
{ |
|
|
|
|
$_SESSION['sec_token'] = null; |
|
|
|
|
unset($_SESSION['sec_token']); |
|
|
|
|
} |
|
|
|
|
/** |
|
|
|
|
* This function sets a random token to be included in a form as a hidden field |
|
|
|
|
* and saves it into the user's session. Returns an HTML form element |