Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Fix filter accessible files before adding to zip
Browse files Browse the repository at this point in the history
  • Loading branch information
@c12simple
c12simple committed Jan 22, 2018
1 parent f4d1ad4 commit 245161f
Showing 1 changed file with 10 additions and 6 deletions.
16 changes: 10 additions & 6 deletions core/src/plugins/access.fs/FsAccessDriver.php
View file
Expand Up @@ -2407,8 +2407,6 @@ public function nodeWillChange($node, $newSize = null)
*/
public function makeZip (UserSelection $selection, $dest, $basedir, $taskId = null)
{


@set_time_limit(0);
require_once(AJXP_BIN_FOLDER."/lib/pclzip.lib.php");
$filePaths = [];
Expand All @@ -2430,7 +2428,7 @@ public function makeZip (UserSelection $selection, $dest, $basedir, $taskId = nu
$fsEncoding = TextEncoder::getEncoding();
$ctx = $selection->getContext();

$preAddCallback = function($value, &$header) use ($ctx, $taskId, $zipEncoding, $fsEncoding){
$preAddCallback = function($value, &$header) use ($ctx, $taskId, $zipEncoding, $fsEncoding, $selection){
if($taskId !== null){
TaskService::getInstance()->updateTaskStatus($taskId, Task::STATUS_RUNNING, "Adding ".$header["stored_filename"]." to archive");
}
Expand All @@ -2441,7 +2439,15 @@ public function makeZip (UserSelection $selection, $dest, $basedir, $taskId = nu
$header["stored_filename"] = $test;
}
}
return !($this->filterFile($ctx, $search, true) || $this->filterFolder($ctx, $search, "contains"));

// test permission on all files before adding to zip
$topUrl = $selection->currentBaseUrl();
$realPath = MetaStreamWrapper::getRealFSReference($topUrl);
$newNode = new AJXP_Node(str_replace($realPath, $topUrl, $search));
$newNode->setUserId($ctx->getUser()->getId());
$isAccessible = $this->isReadable($newNode) || $this->isWriteable($newNode);

return !($this->filterFile($ctx, $search, true) || $this->filterFolder($ctx, $search, "contains")) && $isAccessible;
};

if($basedir == "__AJXP_ZIP_FLAT__/"){
Expand Down Expand Up @@ -2580,8 +2586,6 @@ public function makeSharedRepositoryOptions(ContextInterface $ctx, $httpVars)
}
return $newOptions;
}


}

function cropFilename($filename, $max_length)
Expand Down

0 comments on commit 245161f

Please sign in to comment.