Project

General

Profile

« Previous | Next » 

Revision 1476

Added by Dietmar over 13 years ago

! optimize blacklist handling, add more separator ",#|;"
set of a wildcard ".*?" e.g. ph.*? proof ext like php, php3, php4 etc.
  1. fix sctrict warnings in media if default theme ist not Argos Theme
    + add new settings value in install, upgrade-script and core module

View differences:

browse.php
156 156
	$usedFiles = $Dse->getMatchesFromDir( $currentdir, DseTwo::RETURN_USED);
157 157
}
158 158

  
159
$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
160
// hardcodet forbidden filetypes
161
$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src|'.$rename_file_types;
159
// Check for potentially malicious files
160
$forbidden_file_types  = preg_replace( '/\s*[,;\|#]\s*/','|',RENAME_FILES_ON_UPLOAD);
162 161

  
163 162
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
164 163
	// Loop through the files and dirs an add to list

Also available in: Unified diff