X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FUtils%2FFile.php;h=97b54fa5ff9af320b9c0aa14f71fad8d3f5e2ecc;hb=18d1c72fc51ff8a8f8b34d8d37996850b90f640d;hp=209b52078bb8278a3f431bc6e5e95ce37e119d53;hpb=f8081da71a38f5c4ec468f68246c459c2fc76bf1;p=civicrm-core.git

diff --git a/CRM/Utils/File.php b/CRM/Utils/File.php
index 209b52078b..97b54fa5ff 100644
--- a/CRM/Utils/File.php
+++ b/CRM/Utils/File.php
@@ -1,7 +1,7 @@
 <?php
 /*
  +--------------------------------------------------------------------+
- | CiviCRM version 4.3                                                |
+ | CiviCRM version 4.4                                                |
  +--------------------------------------------------------------------+
  | Copyright CiviCRM LLC (c) 2004-2013                                |
  +--------------------------------------------------------------------+
@@ -380,11 +380,11 @@ class CRM_Utils_File {
    *
    * @param string $dir  the directory to be secured
    */
-  static function restrictAccess($dir) {
+  static function restrictAccess($dir, $overwrite = FALSE) {
     // note: empty value for $dir can play havoc, since that might result in putting '.htaccess' to root dir
     // of site, causing site to stop functioning.
     // FIXME: we should do more checks here -
-    if (!empty($dir)) {
+    if (!empty($dir) && is_dir($dir)) {
       $htaccess = <<<HTACCESS
 <Files "*">
   Order allow,deny
@@ -393,8 +393,38 @@ class CRM_Utils_File {
 
 HTACCESS;
       $file = $dir . '.htaccess';
-      if (file_put_contents($file, $htaccess) === FALSE) {
-        CRM_Core_Error::movedSiteError($file);
+      if ($overwrite || !file_exists($file)) {
+        if (file_put_contents($file, $htaccess) === FALSE) {
+          CRM_Core_Error::movedSiteError($file);
+        }
+      }
+    }
+  }
+
+  /**
+   * Restrict remote users from browsing the given directory.
+   *
+   * @param $publicDir
+   */
+  static function restrictBrowsing($publicDir) {
+    if (!is_dir($publicDir) || !is_writable($publicDir)) {
+      return;
+    }
+
+    // base dir
+    $nobrowse = realpath($publicDir) . '/index.html';
+    if (!file_exists($nobrowse)) {
+      @file_put_contents($nobrowse, '');
+    }
+
+    // child dirs
+    $dir = new RecursiveDirectoryIterator($publicDir);
+    foreach ($dir as $name => $object) {
+      if (is_dir($name) && $name != '..') {
+        $nobrowse = realpath($name) . '/index.html';
+        if (!file_exists($nobrowse)) {
+          @file_put_contents($nobrowse, '');
+        }
       }
     }
   }