From: Seamus Lee <seamuslee001@gmail.com>
Date: Mon, 21 Nov 2016 21:05:20 +0000 (+1100)
Subject: Ensure that the folder matches the http_host
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=c52438cd1960e62579a874c865d5423c217d7aec;p=civicrm-core.git

Ensure that the folder matches the http_host
---

diff --git a/CRM/Utils/System/DrupalBase.php b/CRM/Utils/System/DrupalBase.php
index e898b32002..943ea51905 100644
--- a/CRM/Utils/System/DrupalBase.php
+++ b/CRM/Utils/System/DrupalBase.php
@@ -646,7 +646,7 @@ abstract class CRM_Utils_System_DrupalBase extends CRM_Utils_System_Base {
         }
 
         //Check if files path exists...
-        if ($this->checkFilesExists($basepath, $folder)) {
+        if ($this->checkFilesExists($basepath, $folder) && $folder == $_SERVER['HTTP_HOST']) {
           $correct = $folder;
           break;
         }