deblan-mirror/tinyfilemanager
deblan-mirror/tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager synced 2024-05-03 06:13:41 +02:00
Code Issues Projects Releases Wiki Activity

Check in file viewer and file editor

Browse source
This commit is contained in:
ner0 2023-05-28 20:39:37 +01:00
parent 1301b27e0e
commit f747457af5
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
tinyfilemanager.php
View file

@ -1650,7 +1650,10 @@ if (isset($_GET['view'])) {
$file = $_GET['view'];
$file = fm_clean_path($file, false);
$file = str_replace('/', '', $file);
if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items']) || (
isset($exclude_items_users[$_SESSION[FM_SESSION_ID]['logged']]) &&
in_array($file, $exclude_items_users[$_SESSION[FM_SESSION_ID]['logged']]))
){
fm_set_msg(lng('File not found'), 'error');
$FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
}
@ -1849,7 +1852,10 @@ if (isset($_GET['edit']) && !FM_READONLY) {
$file = $_GET['edit'];
$file = fm_clean_path($file, false);
$file = str_replace('/', '', $file);
if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items'])) {
if ($file == '' || !is_file($path . '/' . $file) || in_array($file, $GLOBALS['exclude_items']) || (
isset($exclude_items_users[$_SESSION[FM_SESSION_ID]['logged']]) &&
in_array($file, $exclude_items_users[$_SESSION[FM_SESSION_ID]['logged']]))
){
fm_set_msg(lng('File not found'), 'error');
$FM_PATH=FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH));
}