From b26367e9539758a28a561174a98b0d5ab3083be7 Mon Sep 17 00:00:00 2001 From: Ben Roberts Date: Sun, 21 Mar 2010 02:46:31 +0000 Subject: [PATCH] Added a page to display details about a source Placeholder source detail page which checks that the source is valid and lies below the configured rips.source_dir. --- pages/browse/source-details.php | 24 ++++++++++++++++++++++++ templates/browse/source-details.tpl | 23 +++++++++++++++++++++++ templates/browse/sources.tpl | 2 +- 3 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 pages/browse/source-details.php create mode 100644 templates/browse/source-details.tpl diff --git a/pages/browse/source-details.php b/pages/browse/source-details.php new file mode 100644 index 0000000..e20408b --- /dev/null +++ b/pages/browse/source-details.php @@ -0,0 +1,24 @@ +request(); +$config = $main->config(); + +// Grab the name of this source +$source_id = $req->get('id'); +$source = base64_decode(str_replace('-', '/', $source_id)); +$real_source = realpath($source); + +// Ensure the source is a valid directory, and lies below the configured source_dir +if (!is_dir($source)) { + return; +} + +$real_source_dir = realpath($config->get('rips.source_dir')); +if (substr($real_source, 0, strlen($real_source_dir)) != $real_source_dir) { + return; +} + +$this->smarty->assign('source', $source); + +?> \ No newline at end of file diff --git a/templates/browse/source-details.tpl b/templates/browse/source-details.tpl new file mode 100644 index 0000000..ab75372 --- /dev/null +++ b/templates/browse/source-details.tpl @@ -0,0 +1,23 @@ +

Source details

+ +{if $source} + + + + + + + + + + + + + + +
Source{$source|escape:"html"}
+{else} +

+ This is not a valid source. +

+{/if} \ No newline at end of file diff --git a/templates/browse/sources.tpl b/templates/browse/sources.tpl index ffa1766..b04198b 100644 --- a/templates/browse/sources.tpl +++ b/templates/browse/sources.tpl @@ -6,7 +6,7 @@

{else}