git.mjollnir.org Git - s9y.git/commit

]> git.mjollnir.org Git - s9y.git/commit

author	garvinhicking <garvinhicking>
	Fri, 13 May 2005 11:04:42 +0000 (11:04 +0000)
committer	garvinhicking <garvinhicking>
	Fri, 13 May 2005 11:04:42 +0000 (11:04 +0000)
commit	f899929029d33201e866171c68e3470b6474fc21
tree	ff613de0698c367814227da77a4b9f5edd08fb03	tree \| snapshot
parent	ab08dff996a96fab8d60263317258d4ee8462f83	commit \| diff

This should fix the image upload bug for good. Uses basename() and upload verification before any checks are done.
Also admins can no longer upload active content files.

Tricking the upload by making the directory "evil.ph" and the filename "p" does not work because trailing slashes are appended to directory names.

include/admin/images.inc.php		diff \| blob \| history
include/functions_images.inc.php		diff \| blob \| history

import of upstream's svn repo, along with my own branches

RSS Atom