Add pathFile Sanitization

This commit is contained in:
SamBrishes 2018-12-31 14:03:24 +01:00
parent a1f6e698f2
commit 2e30c596f4
2 changed files with 13 additions and 7 deletions

View File

@ -55,13 +55,16 @@ class Plugin {
// --- Metadata ---
$this->filenameMetadata = PATH_PLUGINS.$this->directoryName().DS.'metadata.json';
$metadataString = file_get_contents($this->filenameMetadata);
$this->metadata = json_decode($metadataString, true);
// If the plugin is installed then get the database
if ($this->installed()) {
$Tmp = new dbJSON($this->filenameDb);
$this->db = $Tmp->db;
if( Sanitize::pathFile($this->filenameMetadata) ) {
$metadataString = file_get_contents($this->filenameMetadata);
$this->metadata = json_decode($metadataString, true);
// If the plugin is installed then get the database
if ($this->installed()) {
$Tmp = new dbJSON($this->filenameDb);
$this->db = $Tmp->db;
}
}
}
@ -324,4 +327,4 @@ class Plugin {
return true;
}
}
}

View File

@ -78,6 +78,9 @@ function buildPlugins()
$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'languages'.DS.$site->language().'.json';
if( !Sanitize::pathFile($languageFilename) ) {
$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'languages'.DS.DEFAULT_LANGUAGE_FILE;
if( !Sanitize::pathFile($languageFilename) ) {
continue;
}
}
$database = file_get_contents($languageFilename);