← Back to branch summary

~canonical-sysadmins/wordpress/upstream

« back to all changes in this revision

Viewing changes to wp-includes/functions.php

  • Committer: Barry Price
  • Date: 2019-10-16 07:26:33 UTC
  • Revision ID: barry.price@canonical.com-20191016072633-1jg1zi7uh0fpem6g
new upstream release 5.1.3

Show diffs side-by-side

added added

removed removed

Lines of Context:
wp-includes/functions.php
1787
1787
                return @is_dir( $target );
1788
1788
        }
1789
1789
 
 
1790
        // Do not allow path traversals.
 
1791
        if ( false !== strpos( $target, '../' ) || false !== strpos( $target, '..' . DIRECTORY_SEPARATOR ) ) {
 
1792
                return false;
 
1793
        }
 
1794
 
1790
1795
        // We need to find the permissions of the parent folder that exists and inherit that.
1791
1796
        $target_parent = dirname( $target );
1792
1797
        while ( '.' != $target_parent && ! is_dir( $target_parent ) && dirname( $target_parent ) !== $target_parent ) {