From: Jon O. <jon...@us...> - 2007-09-23 17:49:42
Update of /cvsroot/mxbb/mx_pafiledb/pafiledb/includes In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv8524 Modified Files: functions_pafiledb.php Log Message: security fix for screenshots Index: functions_pafiledb.php =================================================================== RCS file: /cvsroot/mxbb/mx_pafiledb/pafiledb/includes/functions_pafiledb.php,v retrieving revision 1.49 retrieving revision 1.50 diff -C2 -d -r1.49 -r1.50 *** functions_pafiledb.php 9 Sep 2007 20:16:18 -0000 1.49 --- functions_pafiledb.php 23 Sep 2007 17:49:36 -0000 1.50 *************** *** 1774,1777 **** --- 1774,1785 ---- } + $forbidden_ss_extensions = array('jpg', 'gif', 'png'); + $ss_file_extension = $pafiledb_functions->get_extension( $ss_name ); + + if ( in_array( $ss_file_extension, $forbidden_ss_extensions ) ) + { + $this->error[] = 'You are not allowed to upload this type of screenshot image'; + } + if ( sizeof( $this->error ) ) { |
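Review bot: The extension test appears inverted. `$forbidden_ss_extensions` holds `jpg`, `gif` and `png`, and the error is added when the screenshot's extension is in that list, so ordinary images are refused while every other extension, including ones the web server may execute, still passes. If the list is meant to be the permitted screenshot types, rename it and negate the check: `if ( !in_array( strtolower( $ss_file_extension ), $allowed_ss_extensions, true ) )`. The `strtolower` is there because the hunk does not show whether `get_extension()` normalises case, so `JPG` could otherwise fall on the wrong side. An extension check alone does not confirm the upload is an image, so a content check such as `getimagesize()` on the temporary file, plus a comment stating the allow-list intent, would make the fix easier to audit. The enclosing method starts and ends outside the hunk, so how `$ss_name` is derived could not be reviewed.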