From 29a2a99ac6a5acb6a8288e556c048e142e2c4d15 Mon Sep 17 00:00:00 2001
From: khongchi <sungbum00@gmail.com>
Date: Fri, 15 Nov 2013 13:59:03 +0900
Subject: [PATCH] =?UTF-8?q?#53=20=ED=8C=8C=EC=9D=BC=EC=97=85=EB=A1=9C?=
 =?UTF-8?q?=EB=93=9C=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EB=B0=A9=EC=96=B4=20?=
 =?UTF-8?q?=EA=B8=B0=EB=8A=A5=20disable?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 classes/security/UploadFileFilter.class.php | 66 +++++++++++----------
 1 file changed, 36 insertions(+), 30 deletions(-)

diff --git a/classes/security/UploadFileFilter.class.php b/classes/security/UploadFileFilter.class.php
index 3f345f743..445043931 100644
--- a/classes/security/UploadFileFilter.class.php
+++ b/classes/security/UploadFileFilter.class.php
@@ -3,36 +3,42 @@
 
 class UploadFileFilter
 {
-        private static $_block_list = array('exec', 'system', 'passthru', 'show_source', 'phpinfo', 'fopen', 'file_get_contents', 'file_put_contents', 'fwrite', 'proc_open', 'popen');
-
-        public function check($file)
-        {
-                if (!$file || !file_exists($file)) return TRUE;
-                return self::_check($file);
-        }
-
-        private function _check($file)
-        {
-                if (!($fp = fopen($file, 'r'))) return FALSE;
-                $has_php_tag = FALSE;
-                while (!feof($fp))
-                {
-                        $content = fread($fp, 8192);
-                        if (FALSE === $has_php_tag) $has_php_tag = strpos($content, '<?');
-                        foreach (self::$_block_list as $v)
-                        {
-                                if (FALSE !== $has_php_tag && FALSE !== strpos($content, $v))
-                                {
-                                        fclose($fp);
-                                        return FALSE;
-                                }
-                        }
-                }
-
-                fclose($fp);
-                
-                return TRUE;
-        }
+	
+	private static $_block_list = array ('exec', 'system', 'passthru', 'show_source', 'phpinfo', 'fopen', 'file_get_contents', 'file_put_contents', 'fwrite', 'proc_open', 'popen');
+	
+	public function check($file)
+	{
+		// TODO: 기능개선후 enable
+		
+		return TRUE; // disable
+		if (! $file || ! file_exists ( $file )) return TRUE;
+		return self::_check ( $file );
+	}
+	
+	private function _check($file)
+	{
+		if (! ($fp = fopen ( $file, 'r' ))) return FALSE;
+		
+		$has_php_tag = FALSE;
+		
+		while ( ! feof ( $fp ) )
+		{
+			$content = fread ( $fp, 8192 );
+			if (FALSE === $has_php_tag) $has_php_tag = strpos ( $content, '<?' );
+			foreach ( self::$_block_list as $v )
+			{
+				if (FALSE !== $has_php_tag && FALSE !== strpos ( $content, $v ))
+				{
+					fclose ( $fp );
+					return FALSE;
+				}
+			}
+		}
+		
+		fclose ( $fp );
+		
+		return TRUE;
+	}
 }
 
 /* End of file : UploadFileFilter.class.php */