fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 02:31:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 3633, protect from file upload hacking

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13182 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
khongchi 2013-11-08 03:44:04 +00:00
parent f010a2ce7f
commit acd89ccd9a
10 changed files with 111 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/integration_search/integration_search.admin.controller.php
View file

@ -81,8 +81,8 @@ class integration_searchAdminController extends integration_search
$obj->{$vars->name} = $module_info->{$vars->name};
continue;
}
// Ignore if the file is not successfully uploaded
if(!is_uploaded_file($image_obj['tmp_name']))
// Ignore if the file is not successfully uploaded, and check uploaded file
if(!is_uploaded_file($image_obj['tmp_name']) || !checkUploadedFile($image_obj['tmp_name']))
{
unset($obj->{$vars->name});
continue;