diff --git a/inc/search.php b/inc/search.php index 935969d3f2fb2871b79e15c76826e07dddcbbb3b..cc3579c3c787d554b82cbd580d1d0bc1f46604ca 100644 --- a/inc/search.php +++ b/inc/search.php @@ -28,6 +28,11 @@ function search(&$data,$base,$func,$opts,$dir='',$lvl=1,$sort='natural'){ $files = array(); $filepaths = array(); + // safeguard against runaways #1452 + if($base == '' || $base == '/') { + throw new RuntimeException('No valid $base passed to search() - possible misconfiguration or bug'); + } + //read in directories and files $dh = @opendir($base.'/'.$dir); if(!$dh) return;