X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fmain.inc;h=3d94aeb6900d1a85583ece6eef587f33015c96b9;hb=f2e7911580d86e0c75edeabc3ce5b106c9f23151;hp=fd4aa97759f8f26fd6e4c06cebccd6562034c38c;hpb=46adaa0c03e5bb3ec387cbd95483175be4f08dfb;p=fa-stable.git

diff --git a/includes/main.inc b/includes/main.inc
index fd4aa977..3d94aeb6 100644
--- a/includes/main.inc
+++ b/includes/main.inc
@@ -270,11 +270,12 @@ function check_write($path)
 function copy_files($flist, $from, $to, $strict=false)
 {
 	foreach ($flist as $file) {
-		if (file_exists($from.'/'.$file))
+		if (file_exists($from.'/'.$file)) {
 			if (!copy_file($file, $from, $to))
 				return false;
-		if ($strict && !is_file($from.'/'.$file)) // if 
+		} else if ($strict) {
 				unlink($to.'/'.$file);
+		}
 	}
 	return true;
 }
@@ -302,20 +303,22 @@ function copy_file($file, $from, $to)
 /*
 	Search for file, looking first for company specific version, then for 
 	version provided by any extension module, finally in main FA directory.
-	Also adds include path for any related files.
+	Also adds include path for any related files, and sets $local_path_to_root 
+	to enable local translation domains.
 	
 	Returns found file path or null.
 */
 function find_custom_file($rep)
 {
-	global $installed_extensions, $comp_path, $path_to_root;
+	global $installed_extensions, $path_to_root, $local_path_to_root;
 
 	// customized per company version
 	$path = company_path();
-	$file = $path.'/'.$rep;
+	$file = $path.$rep;
 	if (file_exists($file)) {
 		// add local include path
-		set_include_path($path.PATH_SEPARATOR.get_include_path());
+		$local_path_to_root = $path;
+		set_include_path(dirname($file).PATH_SEPARATOR.get_include_path());
 		return $file;
 	}
 	// file added by active extension modules
@@ -328,6 +331,7 @@ function find_custom_file($rep)
 				$file = $path.$rep;
 				if (file_exists($file)) {
 					set_include_path($path.PATH_SEPARATOR.get_include_path());
+					$local_path_to_root = $path;
 					return $file;
 				}
 			}
@@ -339,6 +343,13 @@ function find_custom_file($rep)
 
 	return null;
 }
-
+/*
+	
+	Protect against directory traversal.
+	Changes all not POSIX compatible chars to underscore.
+*/
+function clean_file_name($filename) {
+    return preg_replace('/[^a-zA-Z0-9.\-_]/', '_', $filename);
+}
 
 ?>
\ No newline at end of file