Originally posted by mc12345678:
Understanding that English is not the stronger language, I will try to answer what I may understand.

A problem was created in a code change where placing the EP4 upload/download folder outside of the admin directory would cause the files identified in that folder to not be processed for import by EP4. The file would be identified as having a CSV delimiter error. Although a solution was only recently publicly posted, the solution had been determined a while ago awaiting someone else to confirm that there was an issue and request resolution (see https://www.zen-cart.com/showthread....80#post1385080). That solution appears to have worked.

I am not sure if the question above is now answered by the above text, or if a more technical explanation is requested about why the code works the way it does, so I am going to step out and attempt an explanation.

To attempt to limit the ability of database settings from pointing to folder locations that are not expected to represent "safe" spaces in the Zen Cart software, a method is incorporated in the software to report/determine the file's location that is executing the code. That location is then compared to the path of the file to be accessed. If the two sets of information align, then the path is used; if the requested path is not in the file's path or downstream from it (in a sub-folder or some sub-sub-folder), then the path is not trusted. But a folder that is placed outside of the admin folder would need to be at least one folder to the left of the current folder. Therefore, to allow that path, additional effort/code is required to permit the parent folder to be allowed.

So why not just have the folder always point to the parent folder? Not everyone sets up their admin folder to only be a sub-folder off of the catalog; there has been discussion of removing the admin folder, *and* I consider the "safer" option to be for all CSV data to be imported and exported from within a secure area such as the admin folder. Therefore, I wrote the code to default running from the admin directory instead of from one directory above the current folder and allow any folder off of the catalog root to be permitted.

Otherwise, because I made a mistake. :)

The basic idea of the process is: if the database is modified by a bad actor, the worst that they can do/access is a file within the ZC catalog but not above it. In so accessing, they would have to modify the file that is performing execution in order to affect something else with the idea that the user has placed their files in some sub-folder. Further, the admin directory itself is not stored in the database so that it cannot be discovered by database review/inspection. While there is not a requirement right now for CSV files to be in a sub-folder, I likely will incorporate such a requirement in a future release based on this evaluation.
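
The containment check described in the post above, sketched in PHP as an added example (not EP4's or Zen Cart's own code): a database-supplied folder setting is resolved relative to the admin directory and trusted only if its canonical path stays at or below the catalog root. The function names, the directory layout and the setting values are assumptions constructed for illustration.

```php
<?php
// Added illustration; function and directory names are hypothetical, not EP4's.

// True when $path is $base itself or lies beneath it.
function is_within(string $path, string $base): bool
{
    $base = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    // Trailing separator stops "/shop-old" from matching base "/shop".
    return strncmp($path . DIRECTORY_SEPARATOR, $base, strlen($base)) === 0;
}

// Resolve a database-supplied folder setting, relative to the admin directory.
// Returns the canonical path, or null when it is missing or outside the catalog.
function resolve_import_dir(string $setting, string $adminDir, string $catalogRoot): ?string
{
    $root = realpath($catalogRoot);
    // realpath() collapses "../" and symlinks, so the check sees the real target.
    $real = realpath($adminDir . DIRECTORY_SEPARATOR . $setting);
    if ($root === false || $real === false || !is_dir($real)) {
        return null;
    }
    return is_within($real, $root) ? $real : null;
}

// Constructed sample layout in the temp directory.
$top = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'ep4_demo_' . getmypid();
foreach (['shop/admin/temp', 'shop/csv', 'shop-old/csv', 'private'] as $d) {
    @mkdir($top . '/' . $d, 0700, true);
}
$admin = "$top/shop/admin";
$catalog = "$top/shop";

$settings = [
    'temp/'              => 'inside admin (default)',
    '../csv/'            => 'outside admin, inside catalog',
    '../../private/'     => 'above the catalog root',
    '../../shop-old/csv' => 'sibling sharing the name prefix',
    '../missing/'        => 'does not exist',
];
foreach ($settings as $value => $label) {
    $ok = resolve_import_dir($value, $admin, $catalog) !== null;
    printf("%-20s %-34s %s\n", $value, $label, $ok ? 'trusted' : 'rejected');
}
```

Comparing canonical paths rather than raw strings is what keeps a tampered setting containing `../` segments from escaping the catalog root; the base directories in the check come from the running code, not from the database.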