Actually this makes more sense, also backport the dotfile patch from trunk to branch
authorgarvinhicking <garvinhicking>
Wed, 11 May 2005 09:56:00 +0000 (09:56 +0000)
committergarvinhicking <garvinhicking>
Wed, 11 May 2005 09:56:00 +0000 (09:56 +0000)
include/admin/images.inc.php
include/functions_images.inc.php

index 3575124dc5695498386801ad501fc6307d4781c2..341318adf26a82036906aae52c11b8677706c871 100644 (file)
@@ -60,7 +60,7 @@ switch ($serendipity['GET']['adminAction']) {
             return;
         }
 
-        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && !serendipity_isSafeFile($serendipity['GET']['newname'])) {
+        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($serendipity['GET']['newname'])) {
             printf(ERROR_FILE_FORBIDDEN, $serendipity['GET']['newname']);
             return;
         }
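Review bot: The new `serendipity_isActiveFile($serendipity['GET']['newname'])` check runs on the raw request value, whereas the upload path in the second hunk checks `$tfile` only after `serendipityNormalizeFilename(basename(...))`. The dotfile rule is anchored with `^\.` and so only looks at the start of the whole string; confirm that `newname` is reduced to a bare file name before this point (the lines above the hunk are not visible), and if it is not, test `basename($serendipity['GET']['newname'])` here. Separately, `printf(ERROR_FILE_FORBIDDEN, $serendipity['GET']['newname'])` writes the request value into the admin page unescaped; pass `htmlspecialchars($serendipity['GET']['newname'])` instead, and consider the same for `$tfile` in the second hunk. The enclosing `switch` case starts and ends outside the hunk.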
@@ -123,7 +123,7 @@ switch ($serendipity['GET']['adminAction']) {
             $tfile   = serendipityNormalizeFilename(basename($serendipity['POST']['imageurl']));
         }
 
-        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && !serendipity_isSafeFile($tfile)) {
+        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($tfile)) {
             printf(ERROR_FILE_FORBIDDEN, $tfile);
             break;
         }
index d069ecb776fb84380d0f2a10151bed60e56c618c..fdb75065bb3f264c6e42d6b561d8868f40c974a2 100644 (file)
@@ -10,7 +10,11 @@ function serendipityNormalizeFilename($in) {
     return $out;
 }
 
-function serendipity_isSafeFile($file) {
+function serendipity_isActiveFile($file) {
+    if (preg_match('@^\.@', $file)) {
+        return true;
+    }
+
     return preg_match('@\.(php[34]?|[psj]html?|aspx?|cgi|jsp|py|pl)$@i', $file);
 }
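Review bot: `serendipity_isActiveFile()` is a denylist that inspects only the final suffix, so its protection depends on the web server picking a handler from the last extension alone and on the list being complete; neither is established by this file. For non-admin users, an allowlist of the media types the library is meant to hold would fail closed instead. The function also returns `true` on the dotfile branch but the raw `preg_match()` result on the other, so `return (bool) preg_match(...);` would give callers a single type. Because the rename inverts the meaning the callers rely on, a docblock such as `/** True when $file is a dotfile or has a server-executable extension and must be refused for non-admin users. */` would help keep future call sites from negating it again.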