function get_abs_dir($path)
{
return path_f($path);
}
/**
Check if user is allowed to access $file in $directory
*/
function get_show_item($directory, $file)
{
// no relative paths are allowed in directories
if (preg_match("/\\.\\./", $directory)) {
return false;
}
if (isset($file)) {
// file name must not contain any path separators
if (preg_match("/[\\/\\\\]/", $file)) {
return false;
}
// dont display own and parent directory
if ($file == "." || $file == "..") {
return false;
}
// determine full path to the file
$full_path = get_abs_item($directory, $file);
_debug("full_path: {$full_path}");
if (!str_startswith($full_path, path_f())) {
return false;
}
}
// check if user is allowed to acces shidden files
global $show_hidden;
if (!$show_hidden) {
if ($file[0] == '.') {
return false;
}
// no part of the path may be hidden
$directory_parts = explode("/", $directory);
foreach ($directory_parts as $directory_part) {
if ($directory_part[0] == '.') {
return false;
}
}
}
if (matches_noaccess_pattern($file)) {
return false;
}
return true;
}