From 57d1d4a697ffba4b19ea39ed93f4ff2fdcbfb804 Mon Sep 17 00:00:00 2001
From: David Anderson <davea@ssl.berkeley.edu>
Date: Wed, 1 Sep 2004 22:51:23 +0000
Subject: [PATCH] *** empty log message ***

svn path=/trunk/boinc/; revision=4139
---
 checkin_notes      | 10 ++++++++++
 doc/index.php      |  7 +++++--
 html/inc/cache.inc | 23 +++++++++++++++--------
 3 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/checkin_notes b/checkin_notes
index ae83b93e29..7cad5383ce 100755
--- a/checkin_notes
+++ b/checkin_notes
@@ -16861,3 +16861,13 @@ Rom    1 Sep 2004
 
     client/translations/
         <Many Files>
+
+David  1 Sep 2004
+    - fixed bug in web-caching code that caused files in html/user
+        to be randomly deleted.
+        The function clean_cache($dir) was enumerating files in $dir,
+        and doing unlink($file), but without chdir'ing into $dir
+        or concatenating $dir onto $file.
+
+    html/inc
+        cache.inc
diff --git a/doc/index.php b/doc/index.php
index 74edba10a2..bdeab6e665 100644
--- a/doc/index.php
+++ b/doc/index.php
@@ -20,7 +20,7 @@ computer resources
 </center>
 
 <br clear=all>
-<table width=100% border=0 cellspacing=0 cellpadding=20>
+<table width=100% border=0 cellspacing=0 cellpadding=10>
 <tr>
 <td valign=top width=40%>
 <a href=intro.php>Overview of BOINC</a>
@@ -72,6 +72,9 @@ BOINC-based distributed computing projects include:
 <a href=http://climateprediction.net>Climateprediction.net</a>:
 Improve the accuracy of long-range climate prediction.
 <li>
+<a href=http://athome.web.cern.ch/athome/>LHC@home</a>:
+Help to build the CERN LHC accelerator.
+<li>
 <a href=http://predictor.scripps.edu>Predictor@home</a>:
 Solve biomedical questions of protein-related diseases.
 <li><a href=http://setiweb.ssl.berkeley.edu/>SETI@home</a>:
@@ -80,7 +83,7 @@ looking for evidence of extraterrestrial life.
 </ul>
 We encourage you to participate in multiple projects,
 so that your computer will be kept busy even
-while a project is down or out of work.
+while projects are down or out of work.
 
 
 <center>
diff --git a/html/inc/cache.inc b/html/inc/cache.inc
index 2c8710a273..d211c79867 100644
--- a/html/inc/cache.inc
+++ b/html/inc/cache.inc
@@ -45,14 +45,21 @@ function disk_usage($dir) {
     return $usage;
 }
 
-function clean_cache($max_age,$dir="../cache") {
-    if ($handle=@opendir($dir)) {
+function clean_cache($max_age, $dir) {
+    chdir($dir);
+    if ($handle=@opendir(".")) {
         while ($file=readdir($handle)) {
-            if (($file != ".") && ($file != "..")) {
-                if (@is_dir($dir."/".$file)) {
-                    clean_cache($max_age,$dir."/".$file);
-                } else {
-                    if ((time()-@filemtime($file))>$max_age) @unlink($file);
+            if ($file == ".") continue;
+            if ($file == "..") continue;
+
+            // don't let hackers trick us into deleting other files!
+            if (substr($file, "..")) continue;
+            if (@is_dir($dir."/".$file)) {
+                clean_cache($max_age, $dir."/".$file);
+            } else {
+                if ((time()-@filemtime($file))>$max_age) {
+                    //echo "unlinking $dir/$file\n";
+                    @unlink($file);
                 }
             }
         }
@@ -67,7 +74,7 @@ function start_cache($max_age, $params=""){
        $too_old=86400;
        while ((disk_free_space("../cache") < MIN_FREE_SPACE) ||
            (disk_usage("../cache") > MAX_CACHE_USAGE)) {
-           clean_cache($too_old);
+           clean_cache($too_old, "../cache");
            $too_old/=2;
        }
     }