From 0899936101ba8497092143eec7ca589395bb9740 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Sun, 23 Mar 2014 00:42:03 +0100
Subject: inc/functions.inc.php: rm trailing slash in base and resolve symlink

When there was a symlink in the path of $base, strpos($realpath, $base)
would have always return false.

Closes: https://github.com/pommi/CGP/pull/49
---
 inc/functions.inc.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'inc')

diff --git a/inc/functions.inc.php b/inc/functions.inc.php
index 6642e51..fed4b10 100644
--- a/inc/functions.inc.php
+++ b/inc/functions.inc.php
@@ -31,6 +31,11 @@ function validate_get($value, $type) {
 }
 
 function validateRRDPath($base, $path) {
+	$base = preg_replace('/\/$/', '', $base);
+
+	# resolve possible symlink
+	$base = realpath($base);
+
 	$realpath = realpath(sprintf('%s/%s', $base, $path));
 
 	if (strpos($realpath, $base) === false)
-- 
cgit v1.1