diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/server_add/controllers/admin_server_add.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php index 0c741513..954c9ef6 100644 --- a/modules/server_add/controllers/admin_server_add.php +++ b/modules/server_add/controllers/admin_server_add.php @@ -35,12 +35,12 @@ class Admin_Server_Add_Controller extends Admin_Controller { $form = $this->_get_admin_form(); $paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}")); if ($form->validate()) { - if (is_link($form->add_path->path->value)) { + $path = html_entity_decode($form->add_path->path->value); + if (is_link($path)) { $form->add_path->path->add_error("is_symlink", 1); - } else if (!is_readable($form->add_path->path->value)) { + } else if (!is_readable($path)) { $form->add_path->path->add_error("not_readable", 1); } else { - $path = $form->add_path->path->value; $paths[$path] = 1; module::set_var("server_add", "authorized_paths", serialize($paths)); message::success(t("Added path %path", array("path" => $path))); @@ -75,7 +75,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $path_prefix = Input::instance()->get("q"); foreach (glob("{$path_prefix}*") as $file) { if (is_dir($file) && !is_link($file)) { - $directories[] = $file; + $directories[] = html::clean($file); } } |