The world's most advanced component creator for Joomla
Severity: high

We recommend that you upgrade all your generated components, or at least the following file:
[backend component]/classes/file/file.php

Affected function: getDirectory()

Here is a copy of the function for users who have not renewed their account:

```php
public static function getDirectory($path)
{
    // [MYCOMPONENT] is a placeholder for your component's name
    $markers = [MYCOMPONENT]Helper::getDirectories();
    $foundDir = false;

    // Search and parse the folders aliases
    foreach($markers as $marker => $pathStr)
    {
        // Make sure at least one folder alias has been defined
        if (preg_match("/^\[" . $marker . "\]/", $path))
            $foundDir = true;

        $path = preg_replace("/^\[" . $marker . "\]/", $pathStr, $path);
    }

    // A Marker directory MUST be defined > Local File Inclusion security
    if (!$foundDir) return null;

    // Protect against (Local File Inclusion)
    $path = preg_replace("/\.\.+/", "", $path);

    return $path;
}
```
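To find which generated components still need the upgrade, the script below (an added example, not code from the component creator) scans each backend component's classes/file/file.php for the two checks in the function above. It assumes backend components are installed under administrator/components/ and treats a file missing either check as not upgraded; the function names check_file and audit_components are hypothetical.

```sh
#!/bin/sh
# Added example: audit generated components for the patched getDirectory().
# Assumption: backend components live under <joomla_root>/administrator/components/.
# Assumption: a patched file contains both the marker guard ($foundDir) and
# the dot-run strip (the "\.\.+" pattern) shown in the advisory.

# Prints PATCHED, UNPATCHED or NO_FUNCTION for one file.php.
check_file() {
    cf_file=$1
    # Files that do not define getDirectory() are out of scope.
    grep -q 'function getDirectory' "$cf_file" || { echo NO_FUNCTION; return 0; }
    # -F matches the fixed strings literally, so the backslashes and '$'
    # are compared byte for byte against the PHP source.
    if grep -Fq '$foundDir' "$cf_file" && grep -Fq '\.\.+' "$cf_file"; then
        echo PATCHED
    else
        echo UNPATCHED
    fi
    return 0
}

# Prints "<status> <path>" for every backend component that ships the file.
# Returns 1 if at least one file is UNPATCHED, 0 otherwise.
audit_components() {
    ac_root=$1
    ac_rc=0
    for ac_file in "$ac_root"/administrator/components/*/classes/file/file.php; do
        # An unmatched glob stays literal; skip it.
        [ -f "$ac_file" ] || continue
        ac_status=$(check_file "$ac_file")
        echo "$ac_status $ac_file"
        if [ "$ac_status" = UNPATCHED ]; then
            ac_rc=1
        fi
    done
    return $ac_rc
}
```

Source the file and call audit_components with the site's root directory; a non-zero return means at least one component still has a file.php without both checks.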