From 623dfa13845e34c85eae2a66c6aa855c3e059c38 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Mon, 9 Oct 2017 15:13:25 -0700
Subject: purify user-supplied filenames in some cases. Probably not needed but
 it's the right thing to do.

---
 include/text.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'include/text.php')

diff --git a/include/text.php b/include/text.php
index 80914747b..8a65be0d5 100644
--- a/include/text.php
+++ b/include/text.php
@@ -3156,3 +3156,9 @@ function ellipsify($s,$maxlen) {
 
 	return mb_substr($s,0,$maxlen / 2) . '...' . mb_substr($s,mb_strlen($s) - ($maxlen / 2));
 }
+
+function purify_filename($s) {
+	if(($s[0] === '.') || strpos($s,'/') !== false)
+		return '';
+	return $s;
+}
-- 
cgit v1.2.3