Dev Miniscule security fix

LimeSurvey · Mar 20, 2016 · 4ff7cb7 · 4ff7cb7
1 parent 0c103b1
commit 4ff7cb7
Showing 1 changed file with 5 additions and 6 deletions.
diff --git a/application/controllers/admin/surveyadmin.php b/application/controllers/admin/surveyadmin.php
@@ -1081,16 +1081,15 @@ public function copy()
 
             if ($action == 'importsurvey')
             {
-
-                $sFullFilepath = Yii::app()->getConfig('tempdir') . DIRECTORY_SEPARATOR . randomChars(30);
-                if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $sFullFilepath))
+                $sFullFilepath = Yii::app()->getConfig('tempdir') . DIRECTORY_SEPARATOR . randomChars(30).'.'.$sExtension;
+                if (!in_array(strtolower($sExtension),array('lss','txt','tsv','lsa')))
                 {
-                    $aData['sErrorMessage'] = sprintf(gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."), Yii::app()->getConfig('tempdir'));
+                    $aData['sErrorMessage'] = sprintf(gT("Import failed. You specified an invalid file type '%s'."), $sExtension);
                     $aData['bFailed'] = true;
                 }
-                if (!$aData['bFailed'] && !in_array(strtolower($sExtension),array('lss','txt','tsv','lsa')))
+                elseif (!$aData['bFailed'] && !@move_uploaded_file($_FILES['the_file']['tmp_name'], $sFullFilepath))
                 {
-                    $aData['sErrorMessage'] = sprintf(gT("Import failed. You specified an invalid file type '%s'."), $sExtension);
+                    $aData['sErrorMessage'] = sprintf(gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."), Yii::app()->getConfig('tempdir'));
                     $aData['bFailed'] = true;
                 }
             }