Project

General

Profile

« Previous | Next » 

Revision 1475

Added by Dietmar almost 13 years ago

+ add SecureForm.mtab.php under mantennance by WebsiteBaker Community
! security fixes media, groups, users, sections
  1. change lang variable to remove upgrade-script
    ! reworked add sections in pages
    ! fix set empty href in show_menu2
    ! set show_menu2 version to 4.9.6
    ! reworked Droplet LoginBox, add redirect query
    - remove unneeded folder js
    ! set Droplet to version 1.1.0
    + add checkboxes to change frontend absolute url to relative urls
    ! set output_filter version to 0.2

View differences:

upload.php
22 22 
include_once('parameters.php');
23 23 

  		




  24
  24
  
    
require_once(WB_PATH.'/framework/class.admin.php');


  		




  25
  
  
    
require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');	// Required to unzip file.


  		




  
  25
  
    
// require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');	// Required to unzip file.


  		




  26
  26
  
    
// suppress to print the header, so no new FTAN will be set


  		




  27
  27
  
    
$admin = new admin('Media', 'media_upload', false);


  		




  28
  28
  
    

  		




  ......




  52
  52
  
    
$resizepath = str_replace(array('/',' '),'_',$target);


  		




  53
  53
  
    

  		




  54
  54
  
    
// Find out whether we should replace files or give an error


  		




  55
  
  
    
if($admin->get_post('overwrite') != '') {


  		




  56
  
  
    
	$overwrite = true;


  		




  57
  
  
    
} else {


  		




  58
  
  
    
	$overwrite = false;


  		




  59
  
  
    
}


  		




  
  55
  
    
$overwrite = ($admin->get_post('overwrite') != '') ? true : false;


  		




  60
  56
  
    

  		




  61
  57
  
    
// Get list of file types to which we're supposed to append 'txt'


  		




  62
  58
  
    
$get_result=$database->query("SELECT value FROM ".TABLE_PREFIX."settings WHERE name='rename_files_on_upload' LIMIT 1");


  		




  ......




  65
  61
  
    
	$fetch_result=$get_result->fetchRow();


  		




  66
  62
  
    
	$file_extension_string=$fetch_result['value'];


  		




  67
  63
  
    
}


  		




  
  64
  
    

  		




  68
  65
  
    
$file_extensions=explode(",",$file_extension_string);


  		




  69
  66
  
    
// get from settings and add to forbidden list


  		




  70
  67
  
    
$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);


  		












Also available in:  Unified diff