From 5434bacabe9fec9a069f1dd8662eceba6beddbf4 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Sat, 16 Sep 2006 17:15:18 +0000
Subject: [PATCH] backupdata folder is not visible in directory resource any
 more, the backup files were not downloadable, but they might be stored in
 browser cache when teacher and student were logged from the same browser and
 computer account - MDL-6280 ; merged from MOODLE_16_STABLE

---
 mod/resource/type/directory/resource.class.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/mod/resource/type/directory/resource.class.php b/mod/resource/type/directory/resource.class.php
index 1d50a7c81f..3d84d397f9 100644
--- a/mod/resource/type/directory/resource.class.php
+++ b/mod/resource/type/directory/resource.class.php
@@ -39,6 +39,9 @@ function display() {
             error("The value for 'subdir' contains illegal characters!");
         }
         $relativepath = "$relativepath$subdir";
+        if (stripos($relativepath, 'backupdata') !== FALSE) {
+            error("Access not allowed!");
+        }
 
         $subs = explode('/', $subdir);
         array_shift($subs);
@@ -99,7 +102,9 @@ function display() {
          "<th align=\"right\" class=\"header date\">$strmodified</th>".
          "</tr>";
     foreach ($files as $file) {
-        if (is_dir("$CFG->dataroot/$relativepath/$file")) {          // Must be a directory
+        if ($file == 'backupdata') {
+            continue;
+        } else if (is_dir("$CFG->dataroot/$relativepath/$file")) {          // Must be a directory
             $icon = "folder.gif";
             $relativeurl = "/view.php?blah";
             $filesize = display_size(get_directory_size("$CFG->dataroot/$relativepath/$file"));
-- 
2.39.5