Fix arbitrary file deletion via procFileIframeUpload()

@conory
Kijin Sung 2017-03-08 17:21:00 +09:00
parent 910610e62d
commit b11f233b3a


@ -170,7 +170,16 @@ class fileController extends file
if(!$upload_target_srl) $_SESSION['upload_info'][$editor_sequence]->upload_target_srl = $upload_target_srl = getNextSequence();
// Delete and then attempt to re-upload if file_srl is requested
$file_srl = Context::get('file_srl');
if($file_srl) $this->deleteFile($file_srl);
if($file_srl)
{
$oFileModel = getModel('file');
$logged_info = Context::get('logged_info');
$file_info = $oFileModel->getFile($file_srl);
if($file_info->file_srl == $file_srl && $oFileModel->getFileGrant($file_info, $logged_info)->is_deletable)
{
$this->deleteFile($file_srl);
}
}
$file_info = Context::get('Filedata');
// An error appears if not a normally uploaded file
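Review bot: The new guard compares `$file_info->file_srl == $file_srl` loosely and then passes the raw request value to `deleteFile()`, so the id that was authorised and the id that is deleted match only under PHP's type juggling. Deleting the record that was actually checked is tighter: `$this->deleteFile($file_info->file_srl);`. The grant check is also not tied to the `$upload_target_srl` resolved just above; if replacement is meant to be scoped to the current editor session, an additional comparison against the file's own upload target would enforce that (assuming the record returned by `getFile()` carries that field). When the check fails the request silently continues with the upload, so a log entry on the denied branch would make probing of this parameter visible. The body of procFileIframeUpload() starts and ends outside this hunk.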