diff --git a/bl-kernel/ajax/delete-file.php b/bl-kernel/ajax/delete-file.php index 8a5ab299..d53e816d 100644 --- a/bl-kernel/ajax/delete-file.php +++ b/bl-kernel/ajax/delete-file.php @@ -26,6 +26,9 @@ if( Sanitize::pathFile(PATH_UPLOADS.$filename) ) { exit; } -echo json_encode( array('status'=>0, 'msg'=>'The file does not exist.') ); +exit(json_encode(array( + 'status'=>0, + 'msg'=>'The file does not exist.' +))); ?> \ No newline at end of file diff --git a/bl-kernel/ajax/slug.php b/bl-kernel/ajax/slug.php index cf94e123..4315d68b 100644 --- a/bl-kernel/ajax/slug.php +++ b/bl-kernel/ajax/slug.php @@ -21,6 +21,9 @@ elseif( $_POST['type']==='post' ) { $slug = $dbPosts->generateKey($text, $key); } -echo json_encode( array('status'=>1, 'slug'=>$slug) ); +exit(json_encode(array( + 'status'=>1, + 'slug'=>$slug +))); ?> \ No newline at end of file diff --git a/bl-kernel/ajax/uploader.php b/bl-kernel/ajax/uploader.php index 281dddaf..d671c98d 100644 --- a/bl-kernel/ajax/uploader.php +++ b/bl-kernel/ajax/uploader.php @@ -18,6 +18,15 @@ $filename = pathinfo($filename, PATHINFO_FILENAME); $filename = Text::replace(' ', '', $filename); $filename = Text::replace('_', '', $filename); +// Check extension +$validExtension = array('tiff', 'gif', 'png', 'jpg', 'jpeg', 'bmp'); +if( !in_array($fileExtension, $validExtension) ) { + exit(json_encode(array( + 'status'=>1, + 'msg'=>'Invalid extension file.' + ))); +} + // Generate the next filename if the filename already exist. $tmpName = $filename.'.'.$fileExtension; if( file_exists(PATH_UPLOADS.$tmpName) ) @@ -47,7 +56,7 @@ if($type=='profilePicture') else { // Generate the thumbnail $Image = new Image(); - + //Handling all other formats than svg if (strcasecmp($fileExtension, 'svg') != 0) { $Image->setImage(PATH_TMP.'original'.'.'.$fileExtension, THUMBNAILS_WIDTH, THUMBNAILS_HEIGHT, 'crop'); @@ -56,7 +65,7 @@ else { // Move the original to the upload folder. rename(PATH_TMP.'original'.'.'.$fileExtension, PATH_UPLOADS.$tmpName); - + //If it is a svg file, just save a copy in thumbnail-folder if (strcasecmp($fileExtension, 'svg') == 0) { symlink(PATH_UPLOADS.$tmpName, PATH_UPLOADS_THUMBNAILS.$tmpName); @@ -73,4 +82,4 @@ exit(json_encode(array( 'filename'=>$tmpName ))); -?> +?> \ No newline at end of file diff --git a/bl-kernel/boot/admin.php b/bl-kernel/boot/admin.php index fcc39779..04f61bf2 100644 --- a/bl-kernel/boot/admin.php +++ b/bl-kernel/boot/admin.php @@ -30,6 +30,9 @@ if( $layout['slug']==='ajax' ) // Check if the user is loggued. if($Login->isLogged()) { + // Rules: Security check CSRF + include(PATH_RULES.'99.security.php'); + // Load the ajax file. if( Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php') ) { include(PATH_AJAX.$layout['parameters'].'.php');