Skip to content
Snippets Groups Projects
Commit e151210a authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Simplify the isSubDirectory() function 

isSubDirectory() checks if a specified $sub is a subdirectory of the
$parent, this is needed to prevent file inclusions.

Actually, the current code is more kind of a "hack" which I always
struggle over if browsing through source. So this should be a much
better implementation.

The implementation is really straightforward:
- [realpath()](http://php.net/manual/function.realpath.php) expands all
symbolic links and resolves references to '/./', '/../' and extra '/'
characters in the input path and return the canonicalized absolute
pathname.
- [strpos()](php.net/manual/function.strpos.php) returns FALSE if the
substring wasn't found.

Since this is an absolutely critical piece of code, I'd like to ensure
that this is absolutely safe!
parent 981fd5e4
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 22 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment