From 567eefb2bd2bf280391786ea171dad0bdb0b442d Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 12 Mar 2013 22:35:31 +0100 Subject: [PATCH] [ticket/11362] Correctly sanitise the directory path We need to correctly remove ../ form the path if possible by removing the previous folder aswell. Otherwise the finder is unable to locate /adm/style directories in extensions as he is looking for /adm/../adm/style instead. PHPBB3-11362 --- phpBB/includes/extension/finder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/extension/finder.php b/phpBB/includes/extension/finder.php index f71e32bc8d..d9aacc38ff 100644 --- a/phpBB/includes/extension/finder.php +++ b/phpBB/includes/extension/finder.php @@ -227,7 +227,7 @@ class phpbb_extension_finder */ protected function sanitise_directory($directory) { - $directory = preg_replace('#(?:^|/)\./#', '/', $directory); + $directory = phpbb_clean_path($directory); $dir_len = strlen($directory); if ($dir_len > 1 && $directory[$dir_len - 1] === '/')