Updated Useful Functions for Plugin and Theme Security (markdown)

Useful-Functions-for-Plugin-and-Theme-Security.md

@@ -50,10 +50,14 @@ function zip_only_contains_allowed_extensions($zip_path, array $allowed_extensio
 
     for ($i = 0; $i < $zip->numFiles; $i++) {
         $stat = $zip->statIndex( $i );
-
+    
+    	// Skip folders name (but their content will be checked)
+    	if (substr($stat['name'], -1) === '/')
+        	continue;
+        
         $ext = pathinfo($stat['name'], PATHINFO_EXTENSION);
 
-        //print_r( "{$stat['name']} => {$ext}" . PHP_EOL );
+        //print_r( "{$stat['name']} => {$ext}" . PHP_EOL . "<br/>");
 
         if (!in_array(strtolower($ext), $allowed_extensions))
             return false;
@@ -62,5 +66,5 @@ function zip_only_contains_allowed_extensions($zip_path, array $allowed_extensio
 }
 
 // Testing things out
-var_dump(zip_only_contains_allowed_extensions('mixed.zip', ['png']));
+var_dump(zip_only_contains_allowed_extensions('Archive.zip', ['png']));
 ```