diff options
author | Sem <sembrestels@riseup.net> | 2012-09-18 20:35:43 +0200 |
---|---|---|
committer | Sem <sembrestels@riseup.net> | 2012-09-18 20:35:43 +0200 |
commit | 2568ba3296d99c328df0c2b25df1e16c6a3b143f (patch) | |
tree | 5da91b67f0c6c6bd3858ed7768ecade6eb7ac456 | |
parent | ece60b30a4f2fca5708df3fc9e8a9384ab717819 (diff) | |
download | elgg-2568ba3296d99c328df0c2b25df1e16c6a3b143f.tar.gz elgg-2568ba3296d99c328df0c2b25df1e16c6a3b143f.tar.bz2 |
Avoiding XSS via filename.
-rw-r--r-- | actions/photos/image/upload.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/actions/photos/image/upload.php b/actions/photos/image/upload.php index 2dd0959bf..268712666 100644 --- a/actions/photos/image/upload.php +++ b/actions/photos/image/upload.php @@ -49,11 +49,12 @@ foreach ($_FILES['images']['name'] as $index => $value) { if (empty($data['name'])) { continue; } + $name = htmlspecialchars($data['name'], ENT_QUOTES, 'UTF-8', false); - $mime = tp_upload_get_mimetype($data['name']); + $mime = tp_upload_get_mimetype($name); $image = new TidypicsImage(); - $image->title = $data['name']; + $image->title = $name; $image->container_guid = $album->getGUID(); $image->setMimeType($mime); $image->access_id = $album->access_id; @@ -61,7 +62,7 @@ foreach ($_FILES['images']['name'] as $index => $value) { try { $result = $image->save($data); } catch (Exception $e) { - array_push($not_uploaded, $data['name']); + array_push($not_uploaded, $name); array_push($error_msgs, $e->getMessage()); } |