--- /cvs/drupal/contributions/modules/take_control/fb/get-files.php	2010/03/15 17:33:22	1.7
+++ /cvs/drupal/contributions/modules/take_control/fb/get-files.php	2010/04/02 14:58:38	1.8
@@ -1,5 +1,5 @@
 <?php
-// $Id: get-files.php,v 1.6 2010/03/02 10:00:27 rhoney Exp $
+// $Id: get-files.php,v 1.7 2010/03/15 17:33:22 rhoney Exp $
 
 
 require_once (drupal_get_path('module', 'take_control') . '/includes/security.inc');
@@ -348,6 +348,11 @@
   $appDir = take_control_app_dir();
   $docRoot = $_SERVER['DOCUMENT_ROOT'];
 
+  $len = strlen($docRoot);
+  if ($docRoot[$len - 1] == DIRECTORY_SEPARATOR) {
+    $docRoot = substr($docRoot, 0, $len - 1);
+  }
+
   if (!isset($appDir) || strpos($appDir, $docRoot) !== 0 || strpos($path, $appDir) !== 0) {
     take_control_security_error();
   }