Updated Useful Functions for Plugin and Theme Security (markdown)

2021-05-31 15:32:42 +02:00
parent 20d49426a0
commit 63b0148111
1 changed files with 2 additions and 3 deletions
--- a/Useful-Functions-for-Plugin-and-Theme-Security.md
+++ b/Useful-Functions-for-Plugin-and-Theme-Security.md
@@ -50,13 +50,12 @@ function zip_only_contains_allowed_extensions($zip_path, array $allowed_extensio

    for ($i = 0; $i < $zip->numFiles; $i++) {
        $stat = $zip->statIndex( $i );
+        $ext = pathinfo($stat['name'], PATHINFO_EXTENSION);
    
    	// Skip folders name (but their content will be checked)
-    	if (substr($stat['name'], -1) === '/')
+    	if ($ext === '' && substr($stat['name'], -1) === '/')
            continue;

-        $ext = pathinfo($stat['name'], PATHINFO_EXTENSION);
-
        //print_r( "{$stat['name']} => {$ext}" . PHP_EOL . "<br/>");

        if (!in_array(strtolower($ext), $allowed_extensions))