Skip to content

Commit

Permalink
Added another security check to cached files
Browse files Browse the repository at this point in the history
  • Loading branch information
@mystralkk
mystralkk committed Nov 23, 2017
1 parent 5ee56ea commit 854c26a
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion system/classes/Cache/FileSystem.php
View file
Expand Up @@ -11,6 +11,8 @@
*/
class FileSystem implements CacheInterface
{
const SECURITY_HEADER = "<?php if (!defined('VERSION')) { die('This file cannot be used on its own!'); } ?>\n";

/**
* @var string
*/
Expand Down Expand Up @@ -120,6 +122,8 @@ public function get($key, $defaultValue = null)
return $defaultValue;
}

// Remove security header
$temp = str_replace(self::SECURITY_HEADER, '', $temp);
$data = @unserialize($temp);

if ($data === false) {
Expand Down Expand Up @@ -157,8 +161,9 @@ public function set($key, $data, $ttl = 0)
'ttl' => (int) $ttl,
'hash' => $this->getHash($data),
);
$serialized = self::SECURITY_HEADER . serialize($item);

return (@file_put_contents($fileName, serialize($item)) !== false);
return (@file_put_contents($fileName, $serialized) !== false);
}

/**
Expand Down

0 comments on commit 854c26a

Please sign in to comment.