composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix PR remarks

Browse Source
This commit is contained in:
denis.flaven@combodo.com
2023-05-10 17:42:50 +02:00
parent 001194835f
commit 08ebac1b5c
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
datamodels/2.x/itop-backup/dbrestore.class.inc.php
View File

@@ -232,8 +232,12 @@ class DBRestore extends DBBackup
$oIterator = new RecursiveIteratorIterator($oDirectoryIterator); $oIterator = new RecursiveIteratorIterator($oDirectoryIterator);
foreach ($oIterator as $oFileInfo) foreach ($oIterator as $oFileInfo)
{ {
if (in_array($oFileInfo->getFilename(), $aStandardFiles)) continue; if (in_array($oFileInfo->getFilename(), $aStandardFiles)) {
if (strncmp($oFileInfo->getPathname(), $sDataDir.'/production-modules', strlen($sDataDir.'/production-modules')) == 0) continue; continue;
}
if (strncmp($oFileInfo->getPathname(), $sDataDir.'/production-modules', strlen($sDataDir.'/production-modules')) == 0) {
continue;
}
$aExtraFiles[$oFileInfo->getPathname()] = APPROOT.substr($oFileInfo->getPathname(), strlen($sDataDir)); $aExtraFiles[$oFileInfo->getPathname()] = APPROOT.substr($oFileInfo->getPathname(), strlen($sDataDir));
} }

8
setup/backup.class.inc.php
View File

@@ -253,10 +253,12 @@ class DBBackup
$aExtraFiles = MetaModel::GetModuleSetting('itop-backup', 'extra_files', []); $aExtraFiles = MetaModel::GetModuleSetting('itop-backup', 'extra_files', []);
foreach($aExtraFiles as $sExtraFileOrDir) foreach($aExtraFiles as $sExtraFileOrDir)
{ {
if(!file_exists(APPROOT.'/'.$sExtraFileOrDir)) continue; // Ignore non-existing files if(!file_exists(APPROOT.'/'.$sExtraFileOrDir)) {
continue; // Ignore non-existing files
}
$sExtraFullPath = realpath(APPROOT.'/'.$sExtraFileOrDir); $sExtraFullPath = utils::RealPath(APPROOT.'/'.$sExtraFileOrDir, APPROOT);
if (strncmp(APPROOT, $sExtraFullPath, strlen(APPROOT)) !== 0) if ($sExtraFullPath === false)
{ {
throw new Exception("Backup: Aborting, resource '$sExtraFileOrDir'. Considered as UNSAFE because not inside the iTop directory."); throw new Exception("Backup: Aborting, resource '$sExtraFileOrDir'. Considered as UNSAFE because not inside the iTop directory.");
} }