return;
}
- if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($serendipity['GET']['newname'])) {
+ if (serendipity_isActiveFile(basename($serendipity['GET']['newname']))) {
printf(ERROR_FILE_FORBIDDEN, $serendipity['GET']['newname']);
return;
}
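Review bot: The forbidden-name check on line 4 runs on `basename($serendipity['GET']['newname'])`, while the message on line 5 — and presumably the rename that follows outside this hunk — still uses the unmodified `$serendipity['GET']['newname']`, so the value that is validated is not the value that is used. Unless the caller has already reduced newname to a basename, normalize once and check that: `$serendipity['GET']['newname'] = basename($serendipity['GET']['newname']);` followed by `if (serendipity_isActiveFile($serendipity['GET']['newname'])) {`. The other two paths in this commit also pass the name through serendipity_uploadSecure() before the check and this one does not; that may be deliberate for a rename of an existing file, but it deserves a comment either way. The enclosing function starts before this hunk.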
if ($serendipity['POST']['imageurl'] != '' && $serendipity['POST']['imageurl'] != 'http://') {
if (!empty($serendipity['POST']['target_filename'][2])) {
// Faked hidden form 2 when submitting with JavaScript
- $tfile = serendipityNormalizeFilename($serendipity['POST']['target_filename'][2]);
+ $tfile = $serendipity['POST']['target_filename'][2];
$tindex = 2;
} elseif (!empty($serendipity['POST']['target_filename'][1])) {
// Fallback key when not using JavaScript
- $tfile = serendipityNormalizeFilename($serendipity['POST']['target_filename'][1]);
+ $tfile = $serendipity['POST']['target_filename'][1];
$tindex = 1;
} else {
- $tfile = serendipityNormalizeFilename(basename($serendipity['POST']['imageurl']));
+ $tfile = $serendipity['POST']['imageurl'];
$tindex = 1;
}
- if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($tfile)) {
+ $tfile = serendipity_uploadSecure(basename($tfile));
+
+ if (serendipity_isActiveFile($tfile)) {
printf(ERROR_FILE_FORBIDDEN, $tfile);
break;
}
- $tfile = serendipityNormalizeFilename(serendipity_uploadSecure($tfile));
$serendipity['POST']['target_directory'][$tindex] = serendipity_uploadSecure($serendipity['POST']['target_directory'][$tindex], true, true);
$target = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $serendipity['POST']['target_directory'][$tindex] . $tfile;
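Review bot: The order established on lines 25–27 — sanitize with `serendipity_uploadSecure(basename(...))` first, then run `serendipity_isActiveFile()` on the result — is the invariant this change relies on, and nothing in the code says so; the same pattern is repeated on lines 47–49. A one-line comment above line 25 (and 47) would keep a later edit from re-introducing a check on the raw name: `// Check the sanitized name, never the raw input: the check must see exactly what is written to disk.` On line 21 `$tfile` is now the whole URL rather than its basename, which is only correct because basename() is applied on line 25; if the URL carries a query string the basename still contains it, and whether serendipity_uploadSecure() strips that is not visible here. The enclosing block starts before this hunk.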
$uploadfile = &$_FILES['serendipity']['name']['userfile'][$idx];
$uploadtmp = &$_FILES['serendipity']['tmp_name']['userfile'][$idx];
if (!empty($target_filename)) {
- $tfile = serendipityNormalizeFilename($target_filename);
+ $tfile = $target_filename;
} elseif (!empty($uploadfile)) {
- $tfile = serendipityNormalizeFilename($uploadfile);
+ $tfile = $uploadfile;
} else {
// skip empty array
continue;
}
- if (preg_match('@^\.@', $tfile) || ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && (preg_match('@\.(php[34]?|[ps]html?)$@i', $tfile)))) {
+ $tfile = serendipity_uploadSecure(basename($tfile));
+
+ if (serendipity_isActiveFile($tfile)) {
printf(ERROR_FILE_FORBIDDEN, $tfile);
echo '<br />';
continue;
}
- $tfile = serendipityNormalizeFilename(serendipity_uploadSecure($tfile));
$serendipity['POST']['target_directory'][$idx] = serendipity_uploadSecure($serendipity['POST']['target_directory'][$idx], true, true);
$target = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $serendipity['POST']['target_directory'][$idx] . $tfile;
echo '<br />';
} else {
// Accept file
- if (move_uploaded_file($uploadtmp, $target)) {
+ if (is_uploaded_file($uploadtmp) && move_uploaded_file($uploadtmp, $target)) {
printf(FILE_UPLOADED . '<br />', $uploadfile, $target);
@umask(0000);
@chmod($target, 0664);
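Review bot: The `is_uploaded_file($uploadtmp)` guard added on line 61 duplicates a check that `move_uploaded_file()` already performs internally (it refuses any source path that is not a valid PHP upload), so the new condition does not reject anything the old one accepted. It is harmless as defence in depth, but a reader will assume it closes a gap; a short comment makes the intent explicit: `// defence in depth: move_uploaded_file() itself already rejects non-upload paths`. The surrounding loop and function start before this hunk and continue after it.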
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
-/**
-* Normalize a filename
-**/
-function serendipityNormalizeFilename($in) {
- $out = preg_replace('![^a-zA-Z0-9\._/-]!', '', $in);
- return $out;
-}
-
function serendipity_isActiveFile($file) {
if (preg_match('@^\.@', $file)) {
return true;
$var = preg_replace('@^(/+)@', '', $var);
if ($append_slash) {
- if (substr($var, -1, 1) != '/') {
+ if (!empty($var) && substr($var, -1, 1) != '/') {
$var .= '/';
}
}
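Review bot: `!empty($var)` on line 81 also treats the string `'0'` as empty, so a target directory named `0` would not receive its trailing slash and the callers that concatenate `$serendipity['uploadPath'] . $serendipity['POST']['target_directory'][$idx] . $tfile` would glue the directory name onto the file name. Since the intent is only to skip the empty string, compare explicitly: `if ($var !== '' && substr($var, -1, 1) != '/') {`. The enclosing function (presumably serendipity_uploadSecure(), given the `$append_slash` parameter) starts before this hunk and continues after it.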