From 9e5ed7b329d6d352338f25b322ec40f23b1ee6aa Mon Sep 17 00:00:00 2001
From: zendyani <zendyani@gmail.com>
Date: Thu, 4 Jul 2013 01:19:23 +0100
Subject: [PATCH] add deny display by file name and|or file extension

---
 config.php         |  5 ++++-
 core/browser.php   |  4 ++--
 lib/helper_dir.php | 49 +++++++++++++++++++++++++++-------------------
 3 files changed, 35 insertions(+), 23 deletions(-)

diff --git a/config.php b/config.php
index 41d4f10..f113cb4 100644
--- a/config.php
+++ b/config.php
@@ -85,7 +85,10 @@
     ),
 
     'deniedExts' => "exe com msi bat php phps phtml php3 php4 cgi pl",
-
+    'deniedAcces' => array(
+            "files"=>array(".gitignore",'.htaccess'),
+            "ext"=>array("xml","php","bat","exe"),
+    ),
 
 // MISC SETTINGS
 
diff --git a/core/browser.php b/core/browser.php
index 46e8852..19f61b9 100644
--- a/core/browser.php
+++ b/core/browser.php
@@ -703,7 +703,7 @@ protected function getFiles($dir) {
         $thumbDir = "{$this->config['uploadDir']}/{$this->config['thumbsDir']}/$dir";
         $dir = "{$this->config['uploadDir']}/$dir";
         $return = array();
-        $files = dir::content($dir, array('types' => "file"));
+        $files = dir::content($dir, array('types' => "file", 'deniedAcces'  =>  $this->config['deniedAcces']));
         if ($files === false)
             return $return;
 
@@ -799,7 +799,7 @@ protected function getDir($existent=true) {
     }
 
     protected function getDirs($dir) {
-        $dirs = dir::content($dir, array('types' => "dir"));
+        $dirs = dir::content($dir, array('types' => "dir", 'deniedAcces'  =>  $this->config['deniedAcces']));
         $return = array();
         if (is_array($dirs)) {
             $writable = dir::isWritable($dir);
diff --git a/lib/helper_dir.php b/lib/helper_dir.php
index 99eb6ae..0b66b12 100644
--- a/lib/helper_dir.php
+++ b/lib/helper_dir.php
@@ -92,6 +92,7 @@ static function content($dir, array $options=null) {
         $defaultOptions = array(
             'types' => "all",   // Allowed: "all" or possible return values
                                 // of filetype(), or an array with them
+            'deniedAcces' => false, 
             'addPath' => true,  // Whether to add directory path to filenames
             'pattern' => '/./', // Regular expression pattern for filename
             'followLinks' => true
@@ -117,28 +118,36 @@ static function content($dir, array $options=null) {
 
         $files = array();
         while (($file = @readdir($dh)) !== false) {
-            $type = filetype("$dir/$file");
-
-            if ($options['followLinks'] && ($type === "link")) {
-                $lfile = "$dir/$file";
-                do {
-                    $ldir = dirname($lfile);
-                    $lfile = @readlink($lfile);
-                    if (substr($lfile, 0, 1) != "/")
-                        $lfile = "$ldir/$lfile";
-                    $type = filetype($lfile);
-                } while ($type == "link");
-            }
+            $deniedAcces = false;   //init deny
+            
+            if( (is_array($options['deniedAcces']["files"])) && in_array($file,$options['deniedAcces']["files"]) OR (is_array($options['deniedAcces']["ext"])) && in_array(strtolower(file::getExtension($file)),$options['deniedAcces']["ext"]) )
+                $deniedAcces = true ;
+
+            if(!$deniedAcces){
+
+                $type = filetype("$dir/$file");
+
+                if ($options['followLinks'] && ($type === "link")) {
+                    $lfile = "$dir/$file";
+                    do {
+                        $ldir = dirname($lfile);
+                        $lfile = @readlink($lfile);
+                        if (substr($lfile, 0, 1) != "/")
+                            $lfile = "$ldir/$lfile";
+                        $type = filetype($lfile);
+                    } while ($type == "link");
+                }
 
-            if ((($type === "dir") && (($file == ".") || ($file == ".."))) ||
-                !preg_match($options['pattern'], $file)
-            )
-                continue;
+                if ((($type === "dir") && (($file == ".") || ($file == ".."))) ||
+                    !preg_match($options['pattern'], $file)
+                )
+                    continue;
 
-            if (($options['types'] === "all") || ($type === $options['types']) ||
-                ((is_array($options['types'])) && in_array($type, $options['types']))
-            )
-                $files[] = $options['addPath'] ? "$dir/$file" : $file;
+                if (($options['types'] === "all") || ($type === $options['types']) ||
+                    ((is_array($options['types'])) && in_array($type, $options['types']))
+                )
+                    $files[] = $options['addPath'] ? "$dir/$file" : $file;
+            }
         }
         closedir($dh);
         usort($files, array("dir", "fileSort"));