Revision 1407
Added by FrankH over 13 years ago
- various Security fixes, thanks to secunia and others
| upload.php | ||
|---|---|---|
| 123 | 123 |
// error while trying to extract the archive (most likely wrong format) |
| 124 | 124 |
$admin->print_error('UNABLE TO UNZIP FILE' . $archive -> errorInfo(true));
|
| 125 | 125 |
} |
| 126 |
|
|
| 127 |
// rename executable files! |
|
| 128 |
foreach ($list as $val) {
|
|
| 129 |
$fn = $val['filename']; |
|
| 130 |
$fnp = pathinfo($fn); |
|
| 131 |
if (isset($fnp['extension'])) {
|
|
| 132 |
$fext = $fnp['extension']; |
|
| 133 |
if (in_array($fext, $file_extensions)) {
|
|
| 134 |
rename($fn, $fn.".txt"); |
|
| 135 |
} |
|
| 136 |
} |
|
| 137 |
} |
|
| 126 | 138 |
} |
| 127 | 139 |
|
| 128 | 140 |
if($good_uploads == 1) {
|
Also available in: Unified diff