r31k
/
bludit
2
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Security bug fixed #1131 and refresh profile picture after uploaded

This commit is contained in:
Diego Najar 2020-02-05 20:57:07 +01:00
parent 4d0912308d
commit 35483e0d30
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
bl-kernel/admin/views/edit-user.php
View File

@ -134,9 +134,8 @@
contentType: false, contentType: false,
processData: false processData: false
}).done(function(data) { }).done(function(data) {
console.log(data);
if (data.status==0) { if (data.status==0) {
$("#jsprofilePicturePreview").attr('src',json.absoluteURL+"?time="+Math.random()); $("#jsprofilePicturePreview").attr('src',data.absoluteURL+"?time="+Math.random());
} else { } else {
showAlert(data.message); showAlert(data.message);
} }

4
bl-kernel/ajax/profile-picture-upload.php
View File

@ -11,6 +11,10 @@ if ($username===false) {
ajaxResponse(1, 'Error in username.'); ajaxResponse(1, 'Error in username.');
} }
if ( ($login->role()!='admin') && ($login->username()!=$username) ) {
ajaxResponse(1, 'Error in username.');
}
if (!isset($_FILES['profilePictureInputFile'])) { if (!isset($_FILES['profilePictureInputFile'])) {
ajaxResponse(1, 'Error trying to upload the profile picture.'); ajaxResponse(1, 'Error trying to upload the profile picture.');
} }