Merge branch 'master' of git@github.com:gallery/gallery3 into talmdal_dev

1 files changed, 8 insertions, 5 deletions

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index fac2aa44..7cd82d60 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -34,15 +34,17 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $form = $this->_get_admin_form();
     $paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}"));
     if ($form->validate()) {
-      if (is_readable($form->add_path->path->value)) {
+      if (is_link($form->add_path->path->value)) {
+        $form->add_path->path->add_error("is_symlink", 1);
+      } else if (! is_readable($form->add_path->path->value)) {
+        $form->add_path->path->add_error("not_readable", 1);
+      } else {
         $path = $form->add_path->path->value;
         $paths[$path] = 1;
         module::set_var("server_add", "authorized_paths", serialize($paths));
         message::success(t("Added path %path", array("path" => $path)));
         server_add::check_config($paths);
         url::redirect("admin/server_add");
-      } else {
-        $form->add_path->path->add_error("not_readable", 1);
       }
     }
 
@@ -84,9 +86,10 @@ class Admin_Server_Add_Controller extends Admin_Controller {
                       array("id" => "gServerAddAdminForm"));
     $add_path = $form->group("add_path");
     $add_path->input("path")->label(t("Path"))->rules("required")
-      ->error_messages("not_readable", t("This directory is not readable by the webserver"));
+      ->error_messages("not_readable", t("This directory is not readable by the webserver"))
+      ->error_messages("is_symlink", t("Symbolic links are not allowed"));
     $add_path->submit("add")->value(t("Add Path"));
 
     return $form;
   }
-}
\ No newline at end of file
+}