search

impresspages / ImpressPages

ImpressPages is php framework with admin panel. Build functional website in one hour.
http://www.impresspages.org
Other
501 stars 175 forks source link

bug in ImpressPages/Ip/Internal/Repository/BrowserModel.php line 69 #785

Closed severfire closed 8 years ago

severfire commented 8 years ago

ImpressPages/Ip/Internal/Repository/BrowserModel.php line 69

no else in if statement

        if ($secure) {
            if (strpos($relpath, realpath(ipFile('file/secure/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        }  {
            if (strpos($relpath, realpath(ipFile('file/repository/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        }

to: 

        if ($secure) {
            if (strpos($relpath, realpath(ipFile('file/secure/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        } else {
            if (strpos($relpath, realpath(ipFile('file/repository/'))) !== 0) {
                throw new \Ip\Exception("Restricted directory");
            }
        }
maskas commented 8 years ago

Thanks