[Phpbb-checkins] CVS: phpBB2/includes usercp_avatar.php,1.4,1.5

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv31231/includes

Modified Files:
	usercp_avatar.php 
Log Message:
Missed a width/height check for uploaded avatars

Index: usercp_avatar.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_avatar.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -r1.4 -r1.5
*** usercp_avatar.php	19 Mar 2002 21:54:47 -0000	1.4
--- usercp_avatar.php	20 Mar 2002 14:38:51 -0000	1.5
***************
*** 136,140 ****
  			$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
  
! 			$tmp_path = ( !$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . "/tmp";
  			$tmp_filename = tempnam($tmp_path, $userdata['user_id'] . '-');
  
--- 136,140 ----
  			$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
  
! 			$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . "/tmp";
  			$tmp_filename = tempnam($tmp_path, $userdata['user_id'] . '-');
  
***************
*** 177,180 ****
--- 177,182 ----
  			return;
  		}
+ 
+ 		list($width, $height) = @getimagesize($avatar_filename);
  	}
  
***************
*** 203,207 ****
  		else
  		{
! 			if ( $ini_val('open_basedir') != '' )
  			{
  				if ( phpversion() < '4.0.3' )
--- 205,209 ----
  		else
  		{
! 			if ( @$ini_val('open_basedir') != '' )
  			{
  				if ( phpversion() < '4.0.3' )

[Phpbb-checkins] CVS: phpBB2/includes usercp_avatar.php,1.4,1.5

phpBB is the world's leading open source discussion forum software.

[Phpbb-checkins] CVS: phpBB2/includes usercp_avatar.php,1.4,1.5