Verified Commit 9c097248 authored by Alexandre Morin's avatar Alexandre Morin
Browse files

Deny symbolic link deposit

parent 93ce9e35
......@@ -205,6 +205,13 @@ class ArchiveTransfer extends abstractMessage
foreach (scandir($zipFolder) as $file) {
if ($file != "." && $file != "..") {
if (unlink($zipFolder.DIRECTORY_SEPARATOR.$file)) {
$this->sendError("202", "The container file contains symbolic links");
$exception = \laabs::newException('medona/invalidMessageException', "Invalid message", 400);
$exception->errors = $this->errors;
throw $exception;
}
rename($zipFolder.DIRECTORY_SEPARATOR.$file, $messageDir.DIRECTORY_SEPARATOR.$file);
if (pathinfo($file, PATHINFO_FILENAME) == pathinfo($filename, PATHINFO_FILENAME)) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment