fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

fix #1104 허용하지 않은 확장자의 파일을 업로드할 수 있는 문제 고침

Browse source 
- 보고자 : 국제정보보안교육선터
This commit is contained in:
bnu 2014-12-22 15:33:13 +09:00
parent 6fef7cebc6
commit c9961fa926
2 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/file/file.controller.php
View file

@ -626,6 +626,25 @@ class fileController extends file
{
$oFileModel = getModel('file');
$config = $oFileModel->getFileConfig($module_srl);
// check file type
if(isset($config->allowed_filetypes) && $config->allowed_filetypes !== '*.*')
{
$filetypes = explode(';', $config->allowed_filetypes);
$ext = array();
foreach($filetypes as $item) {
$item = explode('.', $item);
$ext[] = $item[1];
}
$uploaded_ext = explode('.', $file_info['name']);
$uploaded_ext = array_pop($uploaded_ext);
if(!in_array($uploaded_ext, $ext))
{
return $this->stop('msg_not_allowed_filetype');
}
}
$allowed_filesize = $config->allowed_filesize * 1024 * 1024;
$allowed_attach_size = $config->allowed_attach_size * 1024 * 1024;
// An error appears if file size exceeds a limit