From b03433d8a80e26b03e49e5cbcb2780bd2f63c681 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Mon, 8 Jan 2018 17:28:05 +0100
Subject: [PATCH] * added missing function is_sub_dir (to the last commit)

---
 system/libs/plugins.php | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/system/libs/plugins.php b/system/libs/plugins.php
index 6a287983..06651b40 100644
--- a/system/libs/plugins.php
+++ b/system/libs/plugins.php
@@ -38,6 +38,34 @@ spl_autoload_register(function ($class) {
 	}
 });
 
+function is_sub_dir($path = NULL, $parent_folder = SITE_PATH) {
+	
+	//Get directory path minus last folder
+	$dir = dirname($path);
+	$folder = substr($path, strlen($dir));
+	
+	//Check the the base dir is valid
+	$dir = realpath($dir);
+	
+	//Only allow valid filename characters
+	$folder = preg_replace('/[^a-z0-9\.\-_]/i', '', $folder);
+	
+	//If this is a bad path or a bad end folder name
+	if( !$dir OR !$folder OR $folder === '.') {
+		return FALSE;
+	}
+	
+	//Rebuild path
+	$path = $dir. '/' . $folder;
+	
+	//If this path is higher than the parent folder
+	if( strcasecmp($path, $parent_folder) > 0 ) {
+		return $path;
+	}
+	
+	return FALSE;
+}
+
 class Plugins {
 	private static $warnings = array();
 	private static $error = null;