fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-02 01:52:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

Use FilenameFilter in file module

Browse source
This commit is contained in:
Kijin Sung 2016-03-12 17:44:50 +09:00
parent 1c32e993ab
commit 6d13142f30
1 changed files with 2 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/file/file.controller.php
View file

@ -732,10 +732,8 @@ class fileController extends file
}
}
// https://github.com/xpressengine/xe-core/issues/1713
$file_info['name'] = preg_replace('/\.(php|phtm|phar|html?|cgi|pl|exe|jsp|asp|inc)/i', '$0-x',$file_info['name']);
$file_info['name'] = removeHackTag($file_info['name']);
$file_info['name'] = str_replace(array('<','>'),array('%3C','%3E'),$file_info['name']);
// Sanitize filename
$file_info['name'] = Rhymix\Framework\Security\FilenameFilter::clean($file_info['name']);
// Get random number generator
$random = new Password();