|
From: Jon O. <jon...@us...> - 2007-09-23 17:50:22
|
Update of /cvsroot/mxbb/mx_pafiledb/pafiledb/includes
In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv8929
Modified Files: Tag: core28x functions_pafiledb.php
Log Message: security fix for screenshots
Index: functions_pafiledb.php
===================================================================
RCS file: /cvsroot/mxbb/mx_pafiledb/pafiledb/includes/functions_pafiledb.php,v
retrieving revision 1.48
retrieving revision 1.48.2.1
diff -C2 -d -r1.48 -r1.48.2.1
*** functions_pafiledb.php 10 Aug 2007 18:36:22 -0000 1.48
--- functions_pafiledb.php 23 Sep 2007 17:50:17 -0000 1.48.2.1
***************
*** 1774,1777 ****
--- 1774,1785 ----
}
+ $forbidden_ss_extensions = array('jpg', 'gif', 'png');
+ $ss_file_extension = $pafiledb_functions->get_extension( $ss_name );
+
+ if ( in_array( $ss_file_extension, $forbidden_ss_extensions ) )
+ {
+ $this->error[] = 'You are not allowed to upload this type of screenshot image';
+ }
+
+ if ( sizeof( $this->error ) )
{
|
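Review bot: The added test appears inverted: `in_array( $ss_file_extension, $forbidden_ss_extensions )` raises the error for `jpg`, `gif` and `png` and lets every other extension through, which is the opposite of what a screenshot upload filter needs. Treat the list as an allow-list and reject on a miss, e.g. `$allowed_ss_extensions = array('jpg', 'jpeg', 'gif', 'png');` with `if ( !in_array( strtolower( $ss_file_extension ), $allowed_ss_extensions, true ) )`. Whether `get_extension()` already lower-cases its result, and whether `$pafiledb_functions` is in scope at this point, cannot be seen from the hunk, since the enclosing function starts and ends outside it. An extension check is only a first gate; how the stored file name is chosen and whether the upload directory can execute scripts are not visible here and should be confirmed separately.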