diff options
author | Andrew Dolgov <[email protected]> | 2019-08-14 09:49:18 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2019-08-14 09:49:18 +0300 |
commit | 3c075bfd21adac9a4dde4fab6bd22886d6173d30 (patch) | |
tree | 29e29d6fbb1ce196c5af807338c8a56abf518f85 /classes/diskcache.php | |
parent | 65450f8a2bbf325d26177c2589c3a9bbe67d8f80 (diff) |
DiskCache: more strict checking for input filenames, getUrl() is no longer static
Diffstat (limited to 'classes/diskcache.php')
-rw-r--r-- | classes/diskcache.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/classes/diskcache.php b/classes/diskcache.php index 41609d6b5..92fd23ad4 100644 --- a/classes/diskcache.php +++ b/classes/diskcache.php @@ -3,7 +3,7 @@ class DiskCache { private $dir; public function __construct($dir) { - $this->dir = CACHE_DIR . "/" . basename($dir); + $this->dir = CACHE_DIR . "/" . clean_filename($dir); } public function getDir() { @@ -39,7 +39,7 @@ class DiskCache { } public function getFullPath($filename) { - $filename = basename($filename); + $filename = clean_filename($filename); return $this->dir . "/" . $filename; } @@ -72,8 +72,8 @@ class DiskCache { return send_local_file($this->getFullPath($filename)); } - static public function getUrl($filename) { - return get_self_url_prefix() . "/public.php?op=cached_url&file=" . $filename; + public function getUrl($filename) { + return get_self_url_prefix() . "/public.php?op=cached_url&file=" . basename($this->dir) . "/" . $filename; } // check for locally cached (media) URLs and rewrite to local versions @@ -103,7 +103,7 @@ class DiskCache { if ($cache->getSize($cached_filename) > 0) { - $src = DiskCache::getUrl(sha1($src)); + $src = $cache->getUrl(sha1($src)); if ($entry->hasAttribute('poster')) $entry->setAttribute('poster', $src); |