From 8c7ae6c890a2bf6b96e7011816963fe10cb38259 Mon Sep 17 00:00:00 2001
From: Albert Santoni <albert.santoni@sourcefabric.org>
Date: Fri, 20 Mar 2015 17:23:53 -0400
Subject: [PATCH] Added safety checks to Amazon_S3StorageBackend

---
 .../cloud_storage/Amazon_S3StorageBackend.php | 26 +++++++++++++++----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/airtime_mvc/application/cloud_storage/Amazon_S3StorageBackend.php b/airtime_mvc/application/cloud_storage/Amazon_S3StorageBackend.php
index e2b6a1ba6..6a05bd9a5 100644
--- a/airtime_mvc/application/cloud_storage/Amazon_S3StorageBackend.php
+++ b/airtime_mvc/application/cloud_storage/Amazon_S3StorageBackend.php
@@ -53,14 +53,30 @@ class Amazon_S3StorageBackend extends StorageBackend
     // Records in the database will remain in case we have to restore the files.
     public function deleteAllCloudFileObjects()
     {
-        $this->s3Client->deleteMatchingObjects(
-            $bucket = $this->getBucket(),
-            $prefix = $this->getFilePrefix());
+        $bucket = $this->getBucket();
+        $prefix = $this->getFilePrefix();
+
+        //Add a trailing slash in for safety
+        //(so that deleting /13/413 doesn't delete /13/41313 !)
+        $prefix = $prefix . "/";
+
+        //Do a bunch of safety checks to ensure we don't delete more than we intended.
+        //An valid prefix is like "12/4312" for instance 4312.
+        $slashPos = strpos($prefix, "/");
+        if (($slashPos === FALSE) || //Slash must exist
+            ($slashPos != 2) ||      //Slash must be the third character
+            (strlen($prefix) > $slashPos) ||    //String must have something after the first slash
+            (substr_count($prefix, "/") != 2))  //String must have two slashes
+        {
+            throw new Exception("Invalid file prefix in " . __FUNCTION__);
     }
-    
+        $this->s3Client->deleteMatchingObjects($bucket, $prefix);
+    }
+
     public function getFilePrefix()
     {
         $hostingId = Billing::getClientInstanceId();
-        return substr($hostingId, -2)."/".$hostingId;
+        $filePrefix = substr($hostingId, -2)."/".$hostingId;
+        return $filePrefix;
     }
 }
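Review bot: The third condition of the new guard in deleteAllCloudFileObjects, `(strlen($prefix) > $slashPos)`, is inverted: for the valid prefix the comment itself gives, `12/4312` (which becomes `12/4312/` after the trailing slash is appended), strlen is 8 and $slashPos is 2, so the expression is true and the method always throws before reaching deleteMatchingObjects. The intent stated in the trailing comment is "something after the first slash"; because a `/` is always appended and the last condition pins the slash count to exactly two, that is `(strlen($prefix) <= $slashPos + 2) ||    //String must have something between the two slashes`. While there, `($slashPos !== 2)` is preferable to the loose `!=` so the check does not rely on PHP's int/bool comparison rules. Failing closed is the right direction for a bulk delete, but as written the guard turns the cleanup into an unconditional exception rather than a check, which presumably is not what the commit intends.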