Prevent Path Traversal
This commit is contained in:
parent
81ae8f3016
commit
2506b5b6f0
1 changed files with 4 additions and 0 deletions
|
@ -41,7 +41,11 @@ if (isset($_SESSION['files'])
|
||||||
} else {
|
} else {
|
||||||
$r_imagedir = realpath($imagedir.$dir);
|
$r_imagedir = realpath($imagedir.$dir);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if ($r_imagedir === false || strcmp($r_imagedir, $r_basedir . DIRECTORY_SEPARATOR) !== 0) {
|
if ($r_imagedir === false || strcmp($r_imagedir, $r_basedir . DIRECTORY_SEPARATOR) !== 0) {
|
||||||
|
print_r($r_basedir);
|
||||||
|
print_r($r_imagedir);
|
||||||
print "Path Traversal Detected!";
|
print "Path Traversal Detected!";
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue