From: Tim Otten <totten@civicrm.org>
Date: Thu, 6 Feb 2014 16:35:55 +0000 (-0800)
Subject: CRM-14091, CRM-14092 - Defensive programming
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=a848882652fbc20acd3527078e08a21475eed7f8;p=civicrm-core.git

CRM-14091, CRM-14092 - Defensive programming
---

diff --git a/CRM/Utils/Check/Security.php b/CRM/Utils/Check/Security.php
index 3c8ed4a079..bb076daa75 100644
--- a/CRM/Utils/Check/Security.php
+++ b/CRM/Utils/Check/Security.php
@@ -256,10 +256,14 @@ class CRM_Utils_Check_Security {
    * @return bool
    */
   public function isBrowsable($dir, $url) {
+    if (empty($dir) || empty($url)) {
+      return FALSE;
+    }
+
     $result = FALSE;
     $file = 'delete-this-' . CRM_Utils_String::createRandom(10, CRM_Utils_String::ALPHANUMERIC);
 
-    // this could be a new system with uploads yet -- so we'll make a file
+    // this could be a new system with no uploads (yet) -- so we'll make a file
     file_put_contents("$dir/$file", "delete me");
     $content = @file_get_contents("$url");
     if (stristr($content, $file)) {