diff --git a/inc/lib_filesystem.php b/inc/lib_filesystem.php index accc133b7b6fa6a44223874b10bf34d38ad9a037..170d296bd23d3f8789f00ea56520032421cb5ca9 100644 --- a/inc/lib_filesystem.php +++ b/inc/lib_filesystem.php @@ -125,7 +125,7 @@ class OC_FILESYSTEM{ if(substr($path,0,1)!=='/'){ $path='/'.$path; } - if(strstr($path,'/../')){ + if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ return false; } return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there