|
@@ -1,18 +1,23 @@
|
|
|
<?php
|
|
|
-require_once('report.php');
|
|
|
|
|
|
-function data_mkdir($path, $newdir){
|
|
|
- // pulisci
|
|
|
- $newdir = basename(trim($newdir));
|
|
|
- $newdirpath = realpath($GLOBALS["conf"]["data_basedir"].DIRECTORY_SEPARATOR.$path).DIRECTORY_SEPARATOR.$newdir;
|
|
|
+function data_mkdir($path,$newdir){
|
|
|
+ $filteredpath = realpath($GLOBALS["conf"]["data_basedir"]."/".trim($path));
|
|
|
|
|
|
- report(1, "BABABA ".$newdirpath);
|
|
|
+ if(strpos($filteredpath, $GLOBALS["conf"]["data_basedir"]) === FALSE){
|
|
|
+ return FALSE; // noooo
|
|
|
+ } else {
|
|
|
+ $absnewdirpath = $filteredpath."/".trim($newdir);
|
|
|
|
|
|
- if (!file_exists($newdirpath)) {
|
|
|
- return mkdir($newdirpath, 0755, false);
|
|
|
- }
|
|
|
-
|
|
|
- return false;
|
|
|
- }
|
|
|
+ if (!file_exists($absnewdirpath)) {
|
|
|
+ if (!mkdir($absnewdirpath, 0755, true)) {
|
|
|
+ return FALSE;
|
|
|
+ } else {
|
|
|
+ return TRUE;
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ return FALSE;
|
|
|
+ }
|
|
|
+ }
|
|
|
+}
|
|
|
|
|
|
?>
|