Initial mitigations for #1088 #1089

2026-01-09 11:44:10 +09:00 · 2018-09-17 00:48:47 +09:00 · 2018-09-17 00:48:47 +09:00 · 60d390f52e
commit 60d390f52e
parent 6d081b9fec
5 changed files with 79 additions and 23 deletions
--- a/modules/file/file.controller.php
+++ b/modules/file/file.controller.php
@ -26,7 +26,7 @@ class fileController extends file
 	function procFileUpload()
 	{
 		Context::setRequestMethod('JSON');
-		$file_info = $_FILES['Filedata'];
+		$file_info = Context::get('Filedata');

 		// An error appears if not a normally uploaded file
 		if(!$file_info || !is_uploaded_file($file_info['tmp_name'])) exit();