summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/server_add/controllers/admin_server_add.php13
1 files changed, 8 insertions, 5 deletions
diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index fac2aa44..7cd82d60 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -34,15 +34,17 @@ class Admin_Server_Add_Controller extends Admin_Controller {
$form = $this->_get_admin_form();
$paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}"));
if ($form->validate()) {
- if (is_readable($form->add_path->path->value)) {
+ if (is_link($form->add_path->path->value)) {
+ $form->add_path->path->add_error("is_symlink", 1);
+ } else if (! is_readable($form->add_path->path->value)) {
+ $form->add_path->path->add_error("not_readable", 1);
+ } else {
$path = $form->add_path->path->value;
$paths[$path] = 1;
module::set_var("server_add", "authorized_paths", serialize($paths));
message::success(t("Added path %path", array("path" => $path)));
server_add::check_config($paths);
url::redirect("admin/server_add");
- } else {
- $form->add_path->path->add_error("not_readable", 1);
}
}
@@ -84,9 +86,10 @@ class Admin_Server_Add_Controller extends Admin_Controller {
array("id" => "gServerAddAdminForm"));
$add_path = $form->group("add_path");
$add_path->input("path")->label(t("Path"))->rules("required")
- ->error_messages("not_readable", t("This directory is not readable by the webserver"));
+ ->error_messages("not_readable", t("This directory is not readable by the webserver"))
+ ->error_messages("is_symlink", t("Symbolic links are not allowed"));
$add_path->submit("add")->value(t("Add Path"));
return $form;
}
-} \ No newline at end of file
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 10:41:32 +0000