| author | Bharat Mediratta <bharat@menalto.com> | 2010-01-02 10:51:47 -0800 | 
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-01-02 10:51:47 -0800 | 
| commit | f65794785a12ccdd289b24d061cb617740e7384b (patch) | |
| tree | 81840c7114c9f0d70285651f8428cf2603d01aa3 /modules/gallery | |
| parent | 0be0111b74c2a971b9c79f1dad29791eabe763b2 (diff) | |
Take precautions against deleting var/albums, var/thumbs or var/resizes.
Fixes ticket #916.
Diffstat (limited to 'modules/gallery')
| -rw-r--r-- | modules/gallery/models/item.php | 13 | 
1 files changed, 11 insertions, 2 deletions
|
diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php
index e3d27b6d..2d62c386 100644
--- a/modules/gallery/models/item.php
+++ b/modules/gallery/models/item.php
@@ -76,9 +76,18 @@ class Item_Model extends ORM_MPTT {
     parent::delete();
     if (is_dir($path)) {
+      // Take some precautions against accidentally deleting way too much
+      $delete_resize_path = dirname($resize_path);
+      $delete_thumb_path = dirname($thumb_path);
+      if ($delete_resize_path == VARPATH . "resizes" ||
+          $delete_thumb_path == VARPATH . "thumbs" ||
+          $path == VARPATH . "albums") {
+        throw new Exception(
+          "@todo DELETING_TOO_MUCH ($delete_resize_path, $delete_thumb_path, $path)");
+      }
       @dir::unlink($path);
-      @dir::unlink(dirname($resize_path));
-      @dir::unlink(dirname($thumb_path));
+      @dir::unlink($delete_resize_path);
+      @dir::unlink($delete_thumb_path);
     } else {
       @unlink($path);
       @unlink($resize_path);
|
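Review bot: The new guard sits after `parent::delete();`, so when it throws, the item has presumably already been removed from the database while its files stay on disk. Computing `$delete_resize_path` and `$delete_thumb_path` and running the check before `parent::delete()` would let the refusal leave nothing half-done. The check is also an exact, loose `==` match against three directory names, so a value with a trailing slash, or a `dirname()` result of `VARPATH` itself or `.`, would not be caught and would still reach `@dir::unlink()`. Comparing normalized values strictly, e.g. `rtrim($path, "/") === VARPATH . "albums"`, and additionally requiring each path to lie strictly below its root would tighten this. The enclosing method starts and ends outside the hunk, so how `$path`, `$resize_path` and `$thumb_path` are built is not visible here.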
