Bug fixes
This commit is contained in:
parent
256773cc89
commit
e76e92bf98
|
@ -1,5 +1,7 @@
|
||||||
AddDefaultCharset UTF-8
|
AddDefaultCharset UTF-8
|
||||||
|
|
||||||
|
<IfModule mod_rewrite.c>
|
||||||
|
|
||||||
# Enable rewrite rules
|
# Enable rewrite rules
|
||||||
RewriteEngine on
|
RewriteEngine on
|
||||||
|
|
||||||
|
@ -9,3 +11,5 @@ RewriteRule ^content/(.*)\.txt$ - [R=404,L]
|
||||||
# All URL process by index.php
|
# All URL process by index.php
|
||||||
RewriteCond %{REQUEST_FILENAME} !-f
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
RewriteRule ^(.*) index.php [L]
|
RewriteRule ^(.*) index.php [L]
|
||||||
|
|
||||||
|
</IfModule>
|
|
@ -3,11 +3,10 @@
|
||||||
class fileContent
|
class fileContent
|
||||||
{
|
{
|
||||||
public $vars;
|
public $vars;
|
||||||
public $path;
|
|
||||||
|
|
||||||
function __construct($pathSlug)
|
function __construct($path)
|
||||||
{
|
{
|
||||||
if($this->build($pathSlug)===false) {
|
if($this->build($path)===false) {
|
||||||
$this->vars = false;
|
$this->vars = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -37,17 +36,14 @@ class fileContent
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function build($pathSlug)
|
private function build($path)
|
||||||
{
|
{
|
||||||
if( !Sanitize::pathFile($this->path.$pathSlug.DS, 'index.txt') ) {
|
if( !Sanitize::pathFile($path, 'index.txt') ) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Database Key
|
|
||||||
$this->setField('key', $pathSlug);
|
|
||||||
|
|
||||||
$tmp = 0;
|
$tmp = 0;
|
||||||
$lines = file($this->path.$pathSlug.DS.'index.txt');
|
$lines = file($path.'index.txt');
|
||||||
foreach($lines as $lineNumber=>$line)
|
foreach($lines as $lineNumber=>$line)
|
||||||
{
|
{
|
||||||
$parts = array_map('trim', explode(':', $line, 2));
|
$parts = array_map('trim', explode(':', $line, 2));
|
||||||
|
|
|
@ -30,15 +30,20 @@ class Sanitize {
|
||||||
|
|
||||||
public static function pathFile($path, $file)
|
public static function pathFile($path, $file)
|
||||||
{
|
{
|
||||||
|
// Fix for Windows on paths. eg: $path = c:\diego/page/subpage convert to c:\diego\page\subpages
|
||||||
|
$path = str_replace('/', DS, $path);
|
||||||
|
|
||||||
$real = realpath($path.$file);
|
$real = realpath($path.$file);
|
||||||
|
|
||||||
// If $real is FALSE the file does not exist.
|
// If $real is FALSE the file does not exist.
|
||||||
if($real===false)
|
if($real===false) {
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// If the $real path does not start with the systemPath then this is Path Traversal.
|
// If the $real path does not start with the systemPath then this is Path Traversal.
|
||||||
if(strpos($path.$file, $real)!==0)
|
if(strpos($path.$file, $real)!==0) {
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,9 +4,10 @@ class Page extends fileContent
|
||||||
{
|
{
|
||||||
function __construct($key)
|
function __construct($key)
|
||||||
{
|
{
|
||||||
$this->path = PATH_PAGES;
|
// Database Key
|
||||||
|
$this->setField('key', $key);
|
||||||
|
|
||||||
parent::__construct($key);
|
parent::__construct(PATH_PAGES.$key.DS);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Returns the post title.
|
// Returns the post title.
|
||||||
|
|
|
@ -2,11 +2,12 @@
|
||||||
|
|
||||||
class Post extends fileContent
|
class Post extends fileContent
|
||||||
{
|
{
|
||||||
function __construct($slug)
|
function __construct($key)
|
||||||
{
|
{
|
||||||
$this->path = PATH_POSTS;
|
// Database Key
|
||||||
|
$this->setField('key', $key);
|
||||||
|
|
||||||
parent::__construct($slug);
|
parent::__construct(PATH_POSTS.$key.DS);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Returns the post title.
|
// Returns the post title.
|
||||||
|
|
|
@ -9,7 +9,13 @@
|
||||||
</h2>
|
</h2>
|
||||||
|
|
||||||
<p class="post-meta">
|
<p class="post-meta">
|
||||||
<span><?php echo $Language->get('Posted By').' '.$Post->author() ?></span>
|
<span><?php
|
||||||
|
|
||||||
|
if( Text::isNotEmpty($Post->author()) ) {
|
||||||
|
echo $Post->author();
|
||||||
|
}
|
||||||
|
|
||||||
|
?></span>
|
||||||
<span>Date: <?php echo $Post->dateCreated() ?></span>
|
<span>Date: <?php echo $Post->dateCreated() ?></span>
|
||||||
</p>
|
</p>
|
||||||
</header>
|
</header>
|
||||||
|
|
Loading…
Reference in New Issue