From 5d7853645ac2bf7120037e011eb25e9ab8eee78f Mon Sep 17 00:00:00 2001
From: Kijin Sung
Date: Sat, 12 Mar 2016 21:03:26 +0900
Subject: [PATCH] Remove all calls to checkUploadedFile()
---
 common/legacy.php | 2 +-
 modules/file/file.controller.php | 4 +--
 .../integration_search.admin.controller.php | 2 +-
 modules/layout/layout.admin.controller.php | 7 ++---
 modules/member/member.controller.php | 10 ------
 modules/menu/menu.admin.controller.php | 31 +++++--------------
 modules/module/module.admin.controller.php | 2 +-
 modules/module/module.controller.php | 6 ----
 modules/rss/rss.admin.controller.php | 2 +-
 9 files changed, 15 insertions(+), 51 deletions(-)
diff --git a/common/legacy.php b/common/legacy.php
index e2377b234..99a3bcd13 100644
--- a/common/legacy.php
+++ b/common/legacy.php
@@ -868,7 +868,7 @@ function blockWidgetCode($content)
  */
 function checkUploadedFile($file)
 {
- return UploadFileFilter::check($file);
+ return true;
 }
 /**
diff --git a/modules/file/file.controller.php b/modules/file/file.controller.php
index 78658ba80..65a4720a1 100644
--- a/modules/file/file.controller.php
+++ b/modules/file/file.controller.php
@@ -763,12 +763,10 @@ class fileController extends file
 $filename = $path.$random->createSecureSalt(32, 'hex');
 $direct_download = 'N';
 }
+
 // Create a directory
 if(!FileHandler::makeDir($path)) return new Object(-1,'msg_not_permitted_create');
- // Check uploaded file
- if(!checkUploadedFile($file_info['tmp_name'])) return new Object(-1,'msg_file_upload_error');
-
 // Get random number generator
 $random = new Password();
diff --git a/modules/integration_search/integration_search.admin.controller.php b/modules/integration_search/integration_search.admin.controller.php
index 232af8d62..3bd38c4e4 100644
--- a/modules/integration_search/integration_search.admin.controller.php
+++ b/modules/integration_search/integration_search.admin.controller.php
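Review bot: `checkUploadedFile()` keeps its name and signature but now returns `true` for every input, so any caller not touched by this patch (or in a third-party module) will believe the uploaded file was checked when nothing was. The docblock, which starts above the hunk, should say so outright, e.g. `@deprecated No longer performs any validation and always returns true; call UploadFileFilter::check() directly if the content check is required.` A `trigger_error(..., E_USER_DEPRECATED)` inside the body would additionally surface any remaining callers during testing.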
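Review bot: After this removal nothing in the hunk inspects the content of `$file_info['tmp_name']` between creating the directory and the move that follows below the hunk, and the commit message does not say where `UploadFileFilter::check()` is applied instead. If the content check now runs at a single earlier point in the upload path, a one-line comment at the former call site such as `// Uploaded file content is validated by UploadFileFilter::check() before this point` would stop the next reader from re-adding the call; if it does not, this removal and the matching ones in integration_search, layout, member, menu, module and rss leave the name/extension checks as the only gate on what an uploaded file contains. The enclosing method starts and ends outside the hunk.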
@@ -85,7 +85,7 @@ class integration_searchAdminController extends integration_search
 continue;
 }
 // Ignore if the file is not successfully uploaded, and check uploaded file
- if(!is_uploaded_file($image_obj['tmp_name']) || !checkUploadedFile($image_obj['tmp_name']))
+ if(!is_uploaded_file($image_obj['tmp_name']))
 {
 unset($obj->{$vars->name});
 continue;
diff --git a/modules/layout/layout.admin.controller.php b/modules/layout/layout.admin.controller.php
index 6a3342021..572d052ee 100644
--- a/modules/layout/layout.admin.controller.php
+++ b/modules/layout/layout.admin.controller.php
@@ -435,9 +435,6 @@ class layoutAdminController extends layout
 $ext = substr(strrchr($filename,'.'),1);
 $filename = sprintf('%s.%s', md5($filename), $ext);
 }
-
- // Check uploaded file
- if(!checkUploadedFile($source['tmp_name'])) return false;
 if(file_exists($path .'/'. $filename)) @unlink($path . $filename);
 if(!move_uploaded_file($source['tmp_name'], $path . $filename )) return false;
@@ -690,7 +687,7 @@ class layoutAdminController extends layout
 // check upload
 if(!Context::isUploaded()) exit();
 $file = Context::get('file');
- if(!is_uploaded_file($file['tmp_name']) || !checkUploadedFile($file['tmp_name'])) exit();
+ if(!is_uploaded_file($file['tmp_name'])) exit();
 if(substr_compare($file['name'], '.tar', -4) !== 0) exit();
@@ -925,7 +922,7 @@ class layoutAdminController extends layout
 $this->setTemplatePath($this->module_path.'tpl');
 $this->setTemplateFile("after_upload_config_image.html");
- if(!$img['tmp_name'] || !is_uploaded_file($img['tmp_name']) || !checkUploadedFile($img['tmp_name']))
+ if(!$img['tmp_name'] || !is_uploaded_file($img['tmp_name']))
 {
 Context::set('msg', lang('upload failed'));
 return;
diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index c6bb4c134..a085d1c4e 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
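Review bot: The comment directly above the changed condition still reads `// Ignore if the file is not successfully uploaded, and check uploaded file`, but the new condition only calls `is_uploaded_file()`, so the second clause now describes a check that no longer exists. Shorten it to `// Ignore if the file is not successfully uploaded`, which is what the equivalent comment in module.admin.controller.php already says. The enclosing loop starts and ends outside the hunk.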
@@ -729,10 +729,6 @@ class memberController extends member
 */
 function insertProfileImage($member_srl, $target_file)
 {
-
- // Check uploaded file
- if(!checkUploadedFile($target_file)) return;
-
 $oMemberModel = getModel('member');
 $config = $oMemberModel->getMemberConfig();
@@ -808,9 +804,6 @@ class memberController extends member
 */
 function insertImageName($member_srl, $target_file)
 {
- // Check uploaded file
- if(!checkUploadedFile($target_file)) return;
-
 $oModuleModel = getModel('module');
 $config = $oModuleModel->getModuleConfig('member');
 // Get an image size
@@ -917,9 +910,6 @@ class memberController extends member
 */
 function insertImageMark($member_srl, $target_file)
 {
- // Check uploaded file
- if(!checkUploadedFile($target_file)) return;
-
 $oModuleModel = getModel('module');
 $config = $oModuleModel->getModuleConfig('member');
 // Get an image size
diff --git a/modules/menu/menu.admin.controller.php b/modules/menu/menu.admin.controller.php
index c007af59b..b22f8f39e 100644
--- a/modules/menu/menu.admin.controller.php
+++ b/modules/menu/menu.admin.controller.php
@@ -1520,7 +1520,7 @@ class menuAdminController extends menu
 Context::set('error_messge', lang('msg_invalid_request'));
 }
- else if(!$target_file || !is_uploaded_file($target_file['tmp_name']) || !preg_match('/\.(gif|jpeg|jpg|png)$/i',$target_file['name']) || !checkUploadedFile($target_file['tmp_name']))
+ else if(!$target_file || !is_uploaded_file($target_file['tmp_name']) || !preg_match('/\.(gif|jpeg|jpg|png)$/i',$target_file['name']))
 {
 Context::set('error_messge', lang('msg_invalid_request'));
 }
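Review bot: `insertProfileImage()`, `insertImageName()` and `insertImageMark()` now take `$target_file` and go straight to the config lookup without examining the path they were handed, so each one silently depends on its caller having validated the upload. Their docblocks, which start above each hunk, should state that precondition, e.g. `@param string $target_file Path to an uploaded image the caller has already validated; this method performs no checks of its own.` The three method bodies continue below the hunks.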
@@ -2132,19 +2132,15 @@ class menuAdminController extends menu
 $returnArray = array();
 $date = date('YmdHis');
+
 // normal button
 if($args->menu_normal_btn)
 {
 $tmp_arr = explode('.',$args->menu_normal_btn['name']);
 $ext = $tmp_arr[count($tmp_arr)-1];
-
 $filename = sprintf('%s%d.%s.%s.%s', $path, $args->menu_item_srl, $date, 'menu_normal_btn', $ext);
-
- if(checkUploadedFile($args->menu_normal_btn['tmp_name']))
- {
- move_uploaded_file ( $args->menu_normal_btn ['tmp_name'], $filename );
- $returnArray ['normal_btn'] = $filename;
- }
+ move_uploaded_file($args->menu_normal_btn['tmp_name'], $filename);
+ $returnArray['normal_btn'] = $filename;
 }
 // hover button
@@ -2152,14 +2148,9 @@ class menuAdminController extends menu
 {
 $tmp_arr = explode('.',$args->menu_hover_btn['name']);
 $ext = $tmp_arr[count($tmp_arr)-1];
-
 $filename = sprintf('%s%d.%s.%s.%s', $path, $args->menu_item_srl, $date, 'menu_hover_btn', $ext);
-
- if(checkUploadedFile($args->menu_hover_btn['tmp_name']))
- {
- move_uploaded_file($args->menu_hover_btn['tmp_name'], $filename);
- $returnArray['hover_btn'] = $filename;
- }
+ move_uploaded_file($args->menu_hover_btn['tmp_name'], $filename);
+ $returnArray['hover_btn'] = $filename;
 }
 // active button
@@ -2167,15 +2158,9 @@ class menuAdminController extends menu
 {
 $tmp_arr = explode('.',$args->menu_active_btn['name']);
 $ext = $tmp_arr[count($tmp_arr)-1];
-
 $filename = sprintf('%s%d.%s.%s.%s', $path, $args->menu_item_srl, $date, 'menu_active_btn', $ext);
-
- if(checkUploadedFile($args->menu_active_btn['tmp_name']))
- {
- move_uploaded_file($args->menu_active_btn['tmp_name'], $filename);
- $returnArray['active_btn'] = $filename;
- }
-
+ move_uploaded_file($args->menu_active_btn['tmp_name'], $filename);
+ $returnArray['active_btn'] = $filename;
 }
 return $returnArray;
 }
diff --git a/modules/module/module.admin.controller.php b/modules/module/module.admin.controller.php
index 25319d5b8..7eaddee2f 100644
--- a/modules/module/module.admin.controller.php
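Review bot: The new `move_uploaded_file(...)` calls in the normal, hover and active button branches discard their return value and then record `$filename` in `$returnArray` unconditionally, so a failed move (permissions, a `tmp_name` that is not an upload) still reports a button path that does not exist on disk. Guard the assignment in each branch, e.g. `if(move_uploaded_file($args->menu_normal_btn['tmp_name'], $filename)) $returnArray['normal_btn'] = $filename;`, and likewise for `hover_btn` and `active_btn`. Separately, `$ext` is taken verbatim from the client-supplied name with no allowlist visible in these three hunks; if the caller does not restrict it, the extension check already used at line 1520 (`preg_match('/\.(gif|jpeg|jpg|png)$/i', ...)`) belongs here as well. The enclosing method starts above the first of these hunks.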
+++ b/modules/module/module.admin.controller.php
@@ -439,7 +439,7 @@ class moduleAdminController extends module
 continue;
 }
 // Ignore if the file is not successfully uploaded
- if(!is_uploaded_file($image_obj['tmp_name']) || !checkUploadedFile($image_obj['tmp_name']))
+ if(!is_uploaded_file($image_obj['tmp_name']))
 {
 unset($obj->{$vars->name});
 continue;
diff --git a/modules/module/module.controller.php b/modules/module/module.controller.php
index f70057d10..2943060c8 100644
--- a/modules/module/module.controller.php
+++ b/modules/module/module.controller.php
@@ -1303,9 +1303,6 @@ class moduleController extends module
 $save_filename = sprintf('%s%s.%s',$path, $vars->module_filebox_srl, $ext);
 $tmp = $vars->addfile['tmp_name'];
- // Check uploaded file
- if(!checkUploadedFile($tmp)) return false;
-
 if(!@move_uploaded_file($tmp, $save_filename))
 {
 return false;
@@ -1340,9 +1337,6 @@ class moduleController extends module
 $save_filename = sprintf('%s%s.%s',$path, $vars->module_filebox_srl, $vars->ext);
 $tmp = $vars->addfile['tmp_name'];
- // Check uploaded file
- if(!checkUploadedFile($tmp)) return false;
-
 // upload
 if(!@move_uploaded_file($tmp, $save_filename))
 {
diff --git a/modules/rss/rss.admin.controller.php b/modules/rss/rss.admin.controller.php
index cb7e9c5bd..8368cb413 100644
--- a/modules/rss/rss.admin.controller.php
+++ b/modules/rss/rss.admin.controller.php
@@ -44,7 +44,7 @@ class rssAdminController extends rss
 $total_config->image = '';
 }
 // Ignore if the file is not the one which has been successfully uploaded
- if($image_obj['tmp_name'] && is_uploaded_file($image_obj['tmp_name']) && checkUploadedFile($image_obj['tmp_name']))
+ if($image_obj['tmp_name'] && is_uploaded_file($image_obj['tmp_name']))
 {
 // Ignore if the file is not an image (swf is accepted ~)
 $image_obj['name'] = Context::convertEncodingStr($image_obj['name']);