Bug fixes
This commit is contained in:
parent
256773cc89
commit
e76e92bf98
@ -1,5 +1,7 @@
|
||||
AddDefaultCharset UTF-8
|
||||
|
||||
<IfModule mod_rewrite.c>
|
||||
|
||||
# Enable rewrite rules
|
||||
RewriteEngine on
|
||||
|
||||
@ -8,4 +10,6 @@ RewriteRule ^content/(.*)\.txt$ - [R=404,L]
|
||||
|
||||
# All URL process by index.php
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteRule ^(.*) index.php [L]
|
||||
RewriteRule ^(.*) index.php [L]
|
||||
|
||||
</IfModule>
|
@ -3,11 +3,10 @@
|
||||
class fileContent
|
||||
{
|
||||
public $vars;
|
||||
public $path;
|
||||
|
||||
function __construct($pathSlug)
|
||||
function __construct($path)
|
||||
{
|
||||
if($this->build($pathSlug)===false) {
|
||||
if($this->build($path)===false) {
|
||||
$this->vars = false;
|
||||
}
|
||||
}
|
||||
@ -37,17 +36,14 @@ class fileContent
|
||||
return true;
|
||||
}
|
||||
|
||||
private function build($pathSlug)
|
||||
private function build($path)
|
||||
{
|
||||
if( !Sanitize::pathFile($this->path.$pathSlug.DS, 'index.txt') ) {
|
||||
if( !Sanitize::pathFile($path, 'index.txt') ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Database Key
|
||||
$this->setField('key', $pathSlug);
|
||||
|
||||
$tmp = 0;
|
||||
$lines = file($this->path.$pathSlug.DS.'index.txt');
|
||||
$lines = file($path.'index.txt');
|
||||
foreach($lines as $lineNumber=>$line)
|
||||
{
|
||||
$parts = array_map('trim', explode(':', $line, 2));
|
||||
|
@ -30,15 +30,20 @@ class Sanitize {
|
||||
|
||||
public static function pathFile($path, $file)
|
||||
{
|
||||
// Fix for Windows on paths. eg: $path = c:\diego/page/subpage convert to c:\diego\page\subpages
|
||||
$path = str_replace('/', DS, $path);
|
||||
|
||||
$real = realpath($path.$file);
|
||||
|
||||
// If $real is FALSE the file does not exist.
|
||||
if($real===false)
|
||||
if($real===false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// If the $real path does not start with the systemPath then this is Path Traversal.
|
||||
if(strpos($path.$file, $real)!==0)
|
||||
if(strpos($path.$file, $real)!==0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -3,10 +3,11 @@
|
||||
class Page extends fileContent
|
||||
{
|
||||
function __construct($key)
|
||||
{
|
||||
$this->path = PATH_PAGES;
|
||||
{
|
||||
// Database Key
|
||||
$this->setField('key', $key);
|
||||
|
||||
parent::__construct($key);
|
||||
parent::__construct(PATH_PAGES.$key.DS);
|
||||
}
|
||||
|
||||
// Returns the post title.
|
||||
|
@ -2,11 +2,12 @@
|
||||
|
||||
class Post extends fileContent
|
||||
{
|
||||
function __construct($slug)
|
||||
function __construct($key)
|
||||
{
|
||||
$this->path = PATH_POSTS;
|
||||
// Database Key
|
||||
$this->setField('key', $key);
|
||||
|
||||
parent::__construct($slug);
|
||||
parent::__construct(PATH_POSTS.$key.DS);
|
||||
}
|
||||
|
||||
// Returns the post title.
|
||||
|
@ -9,7 +9,13 @@
|
||||
</h2>
|
||||
|
||||
<p class="post-meta">
|
||||
<span><?php echo $Language->get('Posted By').' '.$Post->author() ?></span>
|
||||
<span><?php
|
||||
|
||||
if( Text::isNotEmpty($Post->author()) ) {
|
||||
echo $Post->author();
|
||||
}
|
||||
|
||||
?></span>
|
||||
<span>Date: <?php echo $Post->dateCreated() ?></span>
|
||||
</p>
|
||||
</header>
|
||||
|
Loading…
Reference in New Issue
Block a user