Bug fixes

This commit is contained in:
dignajar 2015-06-30 00:23:29 -03:00
parent 256773cc89
commit e76e92bf98
6 changed files with 32 additions and 19 deletions

View File

@ -1,5 +1,7 @@
AddDefaultCharset UTF-8 AddDefaultCharset UTF-8
<IfModule mod_rewrite.c>
# Enable rewrite rules # Enable rewrite rules
RewriteEngine on RewriteEngine on
@ -9,3 +11,5 @@ RewriteRule ^content/(.*)\.txt$ - [R=404,L]
# All URL process by index.php # All URL process by index.php
RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*) index.php [L] RewriteRule ^(.*) index.php [L]
</IfModule>

View File

@ -3,11 +3,10 @@
class fileContent class fileContent
{ {
public $vars; public $vars;
public $path;
function __construct($pathSlug) function __construct($path)
{ {
if($this->build($pathSlug)===false) { if($this->build($path)===false) {
$this->vars = false; $this->vars = false;
} }
} }
@ -37,17 +36,14 @@ class fileContent
return true; return true;
} }
private function build($pathSlug) private function build($path)
{ {
if( !Sanitize::pathFile($this->path.$pathSlug.DS, 'index.txt') ) { if( !Sanitize::pathFile($path, 'index.txt') ) {
return false; return false;
} }
// Database Key
$this->setField('key', $pathSlug);
$tmp = 0; $tmp = 0;
$lines = file($this->path.$pathSlug.DS.'index.txt'); $lines = file($path.'index.txt');
foreach($lines as $lineNumber=>$line) foreach($lines as $lineNumber=>$line)
{ {
$parts = array_map('trim', explode(':', $line, 2)); $parts = array_map('trim', explode(':', $line, 2));

View File

@ -30,15 +30,20 @@ class Sanitize {
public static function pathFile($path, $file) public static function pathFile($path, $file)
{ {
// Fix for Windows on paths. eg: $path = c:\diego/page/subpage convert to c:\diego\page\subpages
$path = str_replace('/', DS, $path);
$real = realpath($path.$file); $real = realpath($path.$file);
// If $real is FALSE the file does not exist. // If $real is FALSE the file does not exist.
if($real===false) if($real===false) {
return false; return false;
}
// If the $real path does not start with the systemPath then this is Path Traversal. // If the $real path does not start with the systemPath then this is Path Traversal.
if(strpos($path.$file, $real)!==0) if(strpos($path.$file, $real)!==0) {
return false; return false;
}
return true; return true;
} }

View File

@ -4,9 +4,10 @@ class Page extends fileContent
{ {
function __construct($key) function __construct($key)
{ {
$this->path = PATH_PAGES; // Database Key
$this->setField('key', $key);
parent::__construct($key); parent::__construct(PATH_PAGES.$key.DS);
} }
// Returns the post title. // Returns the post title.

View File

@ -2,11 +2,12 @@
class Post extends fileContent class Post extends fileContent
{ {
function __construct($slug) function __construct($key)
{ {
$this->path = PATH_POSTS; // Database Key
$this->setField('key', $key);
parent::__construct($slug); parent::__construct(PATH_POSTS.$key.DS);
} }
// Returns the post title. // Returns the post title.

View File

@ -9,7 +9,13 @@
</h2> </h2>
<p class="post-meta"> <p class="post-meta">
<span><?php echo $Language->get('Posted By').' '.$Post->author() ?></span> <span><?php
if( Text::isNotEmpty($Post->author()) ) {
echo $Post->author();
}
?></span>
<span>Date: <?php echo $Post->dateCreated() ?></span> <span>Date: <?php echo $Post->dateCreated() ?></span>
</p> </p>
</header> </header>