CRM-14091, CRM-14092 - Defensive programming

a8488826 · totten · 384f991e · a8488826
Commit a8488826 authored 11 years ago by totten
--- a/CRM/Utils/Check/Security.php
+++ b/CRM/Utils/Check/Security.php
@@ -256,10 +256,14 @@ class CRM_Utils_Check_Security {
   * @return bool
   */
  public function isBrowsable($dir, $url) {
+    if (empty($dir) || empty($url)) {
+      return FALSE;
+    }
+
    $result = FALSE;
    $file = 'delete-this-' . CRM_Utils_String::createRandom(10, CRM_Utils_String::ALPHANUMERIC);

-    // this could be a new system with uploads yet -- so we'll make a file
+    // this could be a new system with no uploads (yet) -- so we'll make a file
    file_put_contents("$dir/$file", "delete me");
    $content = @file_get_contents("$url");
    if (stristr($content, $file)) {