Security fixes
This commit is contained in:
parent
3843d3ab27
commit
c24a10a0c8
@ -26,6 +26,9 @@ if( Sanitize::pathFile(PATH_UPLOADS.$filename) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
echo json_encode( array('status'=>0, 'msg'=>'The file does not exist.') );
|
||||
exit(json_encode(array(
|
||||
'status'=>0,
|
||||
'msg'=>'The file does not exist.'
|
||||
)));
|
||||
|
||||
?>
|
@ -21,6 +21,9 @@ elseif( $_POST['type']==='post' ) {
|
||||
$slug = $dbPosts->generateKey($text, $key);
|
||||
}
|
||||
|
||||
echo json_encode( array('status'=>1, 'slug'=>$slug) );
|
||||
exit(json_encode(array(
|
||||
'status'=>1,
|
||||
'slug'=>$slug
|
||||
)));
|
||||
|
||||
?>
|
@ -18,6 +18,15 @@ $filename = pathinfo($filename, PATHINFO_FILENAME);
|
||||
$filename = Text::replace(' ', '', $filename);
|
||||
$filename = Text::replace('_', '', $filename);
|
||||
|
||||
// Check extension
|
||||
$validExtension = array('tiff', 'gif', 'png', 'jpg', 'jpeg', 'bmp');
|
||||
if( !in_array($fileExtension, $validExtension) ) {
|
||||
exit(json_encode(array(
|
||||
'status'=>1,
|
||||
'msg'=>'Invalid extension file.'
|
||||
)));
|
||||
}
|
||||
|
||||
// Generate the next filename if the filename already exist.
|
||||
$tmpName = $filename.'.'.$fileExtension;
|
||||
if( file_exists(PATH_UPLOADS.$tmpName) )
|
||||
@ -47,7 +56,7 @@ if($type=='profilePicture')
|
||||
else {
|
||||
// Generate the thumbnail
|
||||
$Image = new Image();
|
||||
|
||||
|
||||
//Handling all other formats than svg
|
||||
if (strcasecmp($fileExtension, 'svg') != 0) {
|
||||
$Image->setImage(PATH_TMP.'original'.'.'.$fileExtension, THUMBNAILS_WIDTH, THUMBNAILS_HEIGHT, 'crop');
|
||||
@ -56,7 +65,7 @@ else {
|
||||
|
||||
// Move the original to the upload folder.
|
||||
rename(PATH_TMP.'original'.'.'.$fileExtension, PATH_UPLOADS.$tmpName);
|
||||
|
||||
|
||||
//If it is a svg file, just save a copy in thumbnail-folder
|
||||
if (strcasecmp($fileExtension, 'svg') == 0) {
|
||||
symlink(PATH_UPLOADS.$tmpName, PATH_UPLOADS_THUMBNAILS.$tmpName);
|
||||
@ -73,4 +82,4 @@ exit(json_encode(array(
|
||||
'filename'=>$tmpName
|
||||
)));
|
||||
|
||||
?>
|
||||
?>
|
@ -30,6 +30,9 @@ if( $layout['slug']==='ajax' )
|
||||
// Check if the user is loggued.
|
||||
if($Login->isLogged())
|
||||
{
|
||||
// Rules: Security check CSRF
|
||||
include(PATH_RULES.'99.security.php');
|
||||
|
||||
// Load the ajax file.
|
||||
if( Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php') ) {
|
||||
include(PATH_AJAX.$layout['parameters'].'.php');
|
||||
|
Loading…
Reference in New Issue
Block a user