From: garvinhicking
Date: Wed, 11 May 2005 09:56:00 +0000 (+0000)
Subject: Actually this makes more sense, also backport the dotfile patch from trunk to branch
X-Git-Tag: 0.8.1~10
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=e97ccb469552a7c50e499ca556f418ec809aa912;p=s9y.git

Actually this makes more sense, also backport the dotfile patch from trunk to branch
---
diff --git a/include/admin/images.inc.php b/include/admin/images.inc.php
index 3575124..341318a 100644
--- a/include/admin/images.inc.php
+++ b/include/admin/images.inc.php
@@ -60,7 +60,7 @@ switch ($serendipity['GET']['adminAction']) {
             return;
         }
 
-        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && !serendipity_isSafeFile($serendipity['GET']['newname'])) {
+        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($serendipity['GET']['newname'])) {
             printf(ERROR_FILE_FORBIDDEN, $serendipity['GET']['newname']);
             return;
         }
@@ -123,7 +123,7 @@ switch ($serendipity['GET']['adminAction']) {
             $tfile = serendipityNormalizeFilename(basename($serendipity['POST']['imageurl']));
         }
 
-        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && !serendipity_isSafeFile($tfile)) {
+        if ($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && serendipity_isActiveFile($tfile)) {
             printf(ERROR_FILE_FORBIDDEN, $tfile);
             break;
         }
diff --git a/include/functions_images.inc.php b/include/functions_images.inc.php
index d069ecb..fdb7506 100644
--- a/include/functions_images.inc.php
+++ b/include/functions_images.inc.php
@@ -10,7 +10,11 @@ function serendipityNormalizeFilename($in) {
     return $out;
 }
 
-function serendipity_isSafeFile($file) {
+function serendipity_isActiveFile($file) {
+    if (preg_match('@^\.@', $file)) {
+        return true;
+    }
+
     return preg_match('@\.(php[34]?|[psj]html?|aspx?|cgi|jsp|py|pl)$@i', $file);
 }
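Review bot: In the new `if`, the rename target `$serendipity['GET']['newname']` reaches serendipity_isActiveFile() straight from the request, whereas the upload hunk below first passes its name through `serendipityNormalizeFilename(basename(...))`. Unless that normalisation already happens earlier in this `case` (the case body starts and ends outside the hunk), a value containing a directory separator such as `sub/.htaccess` defeats the new leading-dot test, which only inspects the first character of the string. I would check the normalised name instead, `$newname = serendipityNormalizeFilename(basename($serendipity['GET']['newname']));`, and use `$newname` in both the check and the `printf`, or confirm the normalisation is done upstream. Note also that the guard is skipped entirely at USERLEVEL_ADMIN and above, so admins can still rename files to executable names; if that is intended, a one-line comment on the condition would save the next reader the question.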
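Review bot: `basename()` on `$serendipity['POST']['imageurl']` keeps any query string or fragment, so a remote URL such as `http://host/x.php?v=.jpg` yields a name whose last extension is `.jpg`, and the new serendipity_isActiveFile() check, which anchors on the final extension, accepts it; what serendipityNormalizeFilename() does with the `?` and `=` is not visible in this hunk. Deriving the name from the URL path first removes the ambiguity: `$parts = parse_url($serendipity['POST']['imageurl']); $tfile = serendipityNormalizeFilename(basename($parts['path']));`. The `$tfile` assignment shown is one branch of an `if`/`else` whose other branch lies outside the hunk, so the other source of `$tfile` deserves the same scrutiny before it reaches the check.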
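Review bot: The extension test in serendipity_isActiveFile() is a denylist anchored only on the final extension, so `shell.php.jpg` returns 0 and is accepted, yet a webserver that maps handlers on any extension (Apache mod_mime with `AddHandler`) would still execute it. Anchoring on each extension boundary closes that: `return preg_match('@\.(php[34]?|[psj]html?|aspx?|cgi|jsp|py|pl)(\.|$)@i', $file);`, and an allowlist of image extensions at the call sites would be stronger still; depending on the server's handler map, `php5`, `phps` and `inc` may also belong in the list. The leading-dot branch only looks at the first character of `$file`, so it catches `.htaccess` only when callers pass a bare basename — a short comment stating that contract, `// expects a normalised basename, not a path`, would make the assumption explicit. Finally, the function now returns `true` from one branch and preg_match()'s `0`/`1` from the other; `return (bool) preg_match(...)` keeps the return type uniform.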