leo/kabano
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Guard admin deletes against missing files

Browse Source 
Co-authored-by: LeOSW42 <673670+LeOSW42@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-24 13:19:20 +00:00
parent 0ef2679808
commit c84ee486f3
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
controllers/d.admin.php
View File

@@ -68,7 +68,9 @@ if(isset($controller->splitted_url[1]) && $user->rankIsHigher("moderator")) {
$filename = $files_folder_root . DIRECTORY_SEPARATOR . $safe_name;
$real_filename = realpath($filename);
if ($real_filename && str_starts_with($real_filename, $files_folder_root . DIRECTORY_SEPARATOR)) {
unlink($real_filename);
if (file_exists($real_filename)) {
unlink($real_filename);
}
error_log(date('r')." \t".$user->name." (".$user->id.") \tDELETE \tDelete wiki file '".$safe_name."'\r\n",3,$config['logs_folder'].'wiki-files.log');
}
}
@@ -180,7 +182,9 @@ if(isset($controller->splitted_url[1]) && $user->rankIsHigher("moderator")) {
$delete_path = $tmp_folder_root . DIRECTORY_SEPARATOR . $safe_name;
$real_delete_path = realpath($delete_path);
if ($real_delete_path && str_starts_with($real_delete_path, $tmp_folder_root . DIRECTORY_SEPARATOR)) {
unlink($real_delete_path);
if (file_exists($real_delete_path)) {
unlink($real_delete_path);
}
}
}
$output = Array();
@@ -222,7 +226,9 @@ if(isset($controller->splitted_url[1]) && $user->rankIsHigher("moderator")) {
$delete_path = $tmp_folder_root . DIRECTORY_SEPARATOR . $safe_name;
$real_delete_path = realpath($delete_path);
if ($real_delete_path && str_starts_with($real_delete_path, $tmp_folder_root . DIRECTORY_SEPARATOR)) {
unlink($real_delete_path);
if (file_exists($real_delete_path)) {
unlink($real_delete_path);
}
}
}
}