Update security_guidelines.md

Dennis Eichhorn 2015-12-27 21:32:54 +01:00
parent cef1b9f3e2
commit 77d1af501a


@ -99,14 +99,14 @@ path in order to make sure the path exists and for further validation.
Example usage: Example usage:
``` ```
if(($pathNew = realpath($path)) === false || strpos($pathNew, self::MODULE_PATH) === false) { if(($pathNew = realpath($path)) === false || strpos($pathNew, ROOT_PATH . '/Modules/' . self::$module) === false) {
throw new FilePathException($path); throw new FilePathException($path);
} }
``` ```
The example throws an exception if the path either doesn't exist or is trying The example throws an exception if the path either doesn't exist or is trying
to access a path that doesn't contain the path defined in `self::MODULE_PATH`. to access a path that doesn't contain the path defined in
Another validation could be: `ROOT_PATH . '/Modules/' . self::$module`. Another validation could be:
``` ```
if(($pathNew = realpath($path)) === false || !Validator::startsWith($pathNew, ROOT_PATH)) { if(($pathNew = realpath($path)) === false || !Validator::startsWith($pathNew, ROOT_PATH)) {
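Review bot: In the first example, the new condition `strpos($pathNew, ROOT_PATH . '/Modules/' . self::$module) === false` only tests that the module path occurs somewhere in the resolved path, not that the resolved path begins with it, so a path that merely contains that string further along, or a sibling directory whose name starts with the module name, still passes. Since this is the guideline's reference check, anchor the comparison at position 0 and end the base with a directory separator, for example `strpos($pathNew, ROOT_PATH . '/Modules/' . self::$module . '/') !== 0`, or use `Validator::startsWith` as the second example does. The explanatory sentence should then say "doesn't start with" rather than "doesn't contain" so the text matches the check.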