From 7cc37451f4b7f7fe833fd5d355dab0f2a904d35e Mon Sep 17 00:00:00 2001
From: Jan Koprowski <johny@falcon.(none)>
Date: Sat, 12 Sep 2009 20:36:02 +0200
Subject: Forbid from add symbolink link in admin server add.  Read ticket #744
 for more details.

---
 modules/server_add/controllers/admin_server_add.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'modules/server_add/controllers/admin_server_add.php')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index fac2aa44..af9c5b22 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -34,15 +34,17 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $form = $this->_get_admin_form();
     $paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}"));
     if ($form->validate()) {
-      if (is_readable($form->add_path->path->value)) {
+      if (is_link($form->add_path->path->value)) {
+        $form->add_path->path->add_error("is_symlink", 1);
+      } else if (! is_readable($form->add_path->path->value)) {
+        $form->add_path->path->add_error("not_readable", 1);
+      } else {
         $path = $form->add_path->path->value;
         $paths[$path] = 1;
         module::set_var("server_add", "authorized_paths", serialize($paths));
         message::success(t("Added path %path", array("path" => $path)));
         server_add::check_config($paths);
         url::redirect("admin/server_add");
-      } else {
-        $form->add_path->path->add_error("not_readable", 1);
       }
     }
 
@@ -84,9 +86,10 @@ class Admin_Server_Add_Controller extends Admin_Controller {
                       array("id" => "gServerAddAdminForm"));
     $add_path = $form->group("add_path");
     $add_path->input("path")->label(t("Path"))->rules("required")
-      ->error_messages("not_readable", t("This directory is not readable by the webserver"));
+      ->error_messages("not_readable", t("This directory is not readable by the webserver"))
+      ->error_messages("is_symlink", t("Path can not be symbolic link"));
     $add_path->submit("add")->value(t("Add Path"));
 
     return $form;
   }
-}
\ No newline at end of file
+}
-- 
cgit v1.2.3


From c3f8b623766fe20768fb86c21e8455785b8e9928 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Tue, 15 Sep 2009 19:57:12 -0700
Subject: Adjust the text of the symlink error message.

---
 modules/server_add/controllers/admin_server_add.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/server_add/controllers/admin_server_add.php')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index af9c5b22..7cd82d60 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -87,7 +87,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $add_path = $form->group("add_path");
     $add_path->input("path")->label(t("Path"))->rules("required")
       ->error_messages("not_readable", t("This directory is not readable by the webserver"))
-      ->error_messages("is_symlink", t("Path can not be symbolic link"));
+      ->error_messages("is_symlink", t("Symbolic links are not allowed"));
     $add_path->submit("add")->value(t("Add Path"));
 
     return $form;
-- 
cgit v1.2.3


From a5af531fbee1db0c3a0ae0d23388245b2d2ec2de Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Thu, 17 Sep 2009 07:04:11 -0700
Subject: Don't show links as part of the auto complete list

---
 modules/server_add/controllers/admin_server_add.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/server_add/controllers/admin_server_add.php')

diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php
index 7cd82d60..38190fee 100644
--- a/modules/server_add/controllers/admin_server_add.php
+++ b/modules/server_add/controllers/admin_server_add.php
@@ -36,7 +36,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     if ($form->validate()) {
       if (is_link($form->add_path->path->value)) {
         $form->add_path->path->add_error("is_symlink", 1);
-      } else if (! is_readable($form->add_path->path->value)) {
+      } else if (!is_readable($form->add_path->path->value)) {
         $form->add_path->path->add_error("not_readable", 1);
       } else {
         $path = $form->add_path->path->value;
@@ -73,7 +73,7 @@ class Admin_Server_Add_Controller extends Admin_Controller {
     $directories = array();
     $path_prefix = $this->input->get("q");
     foreach (glob("{$path_prefix}*") as $file) {
-      if (is_dir($file)) {
+      if (is_dir($file) && !is_link($file)) {
         $directories[] = $file;
       }
     }
-- 
cgit v1.2.3