Last active
December 16, 2015 20:39
-
-
Save coldfumonkeh/5494408 to your computer and use it in GitHub Desktop.
A quick function to check if a provided file / folder is within the ColdFusion webroot.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cfscript> | |
| /** | |
| * Returns true if the specified path is within the webroot of the calling server / template. | |
| * It does not check for the existence of the file / directory in the provided path. | |
| * | |
| * @param path A full path to the file / location to query. | |
| * @return Returns a boolean value | |
| * @author Matt Gifford ([email protected]) | |
| * @version 1.0.0 | |
| * @date 1st May 2013 | |
| */ | |
| function isWithinWebroot(path) { | |
| var boolReturn = false; | |
| var local = {}; | |
| local.isInRoot = (listLen( arguments.path, "\/") - listLen(ExpandPath('/'), "\/")); | |
| if (local.isInRoot GTE 0) { | |
| boolReturn = true; | |
| } | |
| return boolReturn; | |
| } | |
| </cfscript> | |
| <cfoutput> | |
| /Applications/ColdFusion9/wwwroot/index.cfm: #isWithinWebroot("/Applications/ColdFusion9/wwwroot/index.cfm")#<br /><br /> | |
| /Applications/ColdFusion9/wwwroot/: #isWithinWebroot("/Applications/ColdFusion9/wwwroot/")#<br /><br /> | |
| /Applications/ColdFusion9/wwwroot: #isWithinWebroot("/Applications/ColdFusion9/wwwroot")#<br /><br /> | |
| /Applications/ColdFusion9/: #isWithinWebroot("/Applications/ColdFusion9/")# | |
| </cfoutput> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment