Merge commit from fork

* Check if path is mounted in FileSelector * Use Path::isBasePath() Co-authored-by: Fritz Michael Gschwantner <fmg@inspiredminds.at> * Coding style Co-authored-by: Leo Feyer <1192057+leofeyer@users.noreply.github.com> --------- Co-authored-by: Fritz Michael Gschwantner <fmg@inspiredminds.at> Co-authored-by: Leo Feyer <1192057+leofeyer@users.noreply.github.com>
contao · Sep 17, 2024 · 63409c6 · 63409c6
1 parent c9a3a3c
commit 63409c6
Showing 1 changed file with 37 additions and 0 deletions.
diff --git a/core-bundle/src/Resources/contao/widgets/FileSelector.php b/core-bundle/src/Resources/contao/widgets/FileSelector.php
@@ -362,6 +362,11 @@ public function generateAjax($strFolder, $strField, $level, $mount=false)
 	 */
 	protected function renderFiletree($path, $intMargin, $mount=false, $blnProtected=true, $arrFound=array())
 	{
+		if (!$this->isMounted($path))
+		{
+			throw new \RuntimeException('Folder "' . $path . '" is not mounted or cannot be found.');
+		}
+
 		// Invalid path
 		if (!is_dir($path))
 		{
@@ -665,6 +670,38 @@ protected function isProtectedPath($path)
 
 		return true;
 	}
+
+	protected function isMounted($path)
+	{
+		if (Validator::isInsecurePath($path))
+		{
+			throw new \RuntimeException('Insecure path ' . $path);
+		}
+
+		$this->import(BackendUser::class, 'User');
+
+		$path = StringUtil::stripRootDir($path);
+		$filemounts = array();
+
+		if ($this->User->isAdmin)
+		{
+			$filemounts[] = System::getContainer()->getParameter('contao.upload_path');
+		}
+		elseif (\is_array($this->User->filemounts))
+		{
+			$filemounts = $this->User->filemounts;
+		}
+
+		foreach ($filemounts as $filemount)
+		{
+			if (Path::isBasePath($filemount, $path))
+			{
+				return true;
+			}
+		}
+
+		return false;
+	}
 }
 
 class_alias(FileSelector::class, 'FileSelector');