projects / webmin.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Better error if htaccess dir field is left empty
[webmin.git] / apache / create_htaccess.cgi
diff --git a/apache/create_htaccess.cgi b/apache/create_htaccess.cgi
index 29c7430..5c3e2f3 100755 (executable)
--- a/apache/create_htaccess.cgi
+++ b/apache/create_htaccess.cgi
@@ -3,9 +3,13 @@
 # Creates a new .htaccess file for some directory
 
 require './apache-lib.pl';
+&error_setup($text{'htaccess_err'});
 &ReadParse();
 $access{'global'} || &error($text{'htaccess_ecannot'});
 $conf = &get_config();
+$in{'file'} || &error($text{'htaccess_eempty'});
+$in{'file'} =~ /^\// && $in{'file'} !~ /\.\./ ||
+       &error($text{'htaccess_eabsolute'});
 
 if (-d $in{'file'}) {
        # user entered a directory.. create a file in that directory
@@ -13,7 +17,9 @@ if (-d $in{'file'}) {
        if (!$accfile) { $accfile = ".htaccess"; }
        $file = "$in{'file'}/$accfile";
        }
-else { $file = $in{'file'}; }
+else {
+       $file = $in{'file'};
+       }
 &allowed_auth_file($file) ||
        &error($text{'htaccess_ecreate'});
 
Webmin PERL server management