continued :)

[phpgitweb.git] / htdocs / lib / ProjectLoader.class.php

diff --git a/htdocs/lib/ProjectLoader.class.php b/htdocs/lib/ProjectLoader.class.php
index 8c0c1313419da3f88d360f0cf55c5fc1732e0472..20ee218aa6a91a6aecdb301fa59c5bcae76afabc 100644 (file)
--- a/htdocs/lib/ProjectLoader.class.php
+++ b/htdocs/lib/ProjectLoader.class.php
@@ -47,6 +47,8 @@ class ProjectLoader {
                $project['name'] = $name;
         
         $dir_seperator = (substr(GitConfig::PROJECT_ROOT, -1) == '/' ? '' : '/');
+               if(!Validation::validate_path($name))
+                       return NULL;
         if(is_dir(GitConfig::PROJECT_ROOT.$dir_seperator.$name))
             $project['path'] = GitConfig::PROJECT_ROOT.$dir_seperator.$name;
         else if(is_dir(GitConfig::PROJECT_ROOT.$dir_seperator.$name.".git"))
@@ -115,7 +117,7 @@ class ProjectLoader {
        private function getProjectRefsRecursive(&$project, $cref) {
                if ($dh = opendir($project['path'].'/'.$cref)) {
                        while (($file = readdir($dh)) !== false) {
-                               if($file == '.' || $file == '..')
+                               if($file[0] == '.')
                                        continue;
                                if(is_dir($project['path'].'/'.$cref.'/'.$file))
                                        $this->getProjectRefsRecursive($project, $cref.'/'.$file);