Skip to content
Permalink
Browse files Browse the repository at this point in the history
new: add setting for allowing svg org logos
  • Loading branch information
righel committed Mar 17, 2022
1 parent dc63cb7 commit 08a07a3
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 1 deletion.
1 change: 1 addition & 0 deletions app/Config/config.default.php
Expand Up @@ -17,6 +17,7 @@
'user_monitoring_enabled' => false,
'authkey_keep_session' => false,
'disable_local_feed_access' => false,
'enable_svg_logos' => false,
//'auth' => array('CertAuth.Certificate'), // additional authentication methods
//'auth' => array('ShibbAuth.ApacheShibb'),
//'auth' => array('AadAuth.AadAuthenticate'),
Expand Down
6 changes: 6 additions & 0 deletions app/Controller/OrganisationsController.php
Expand Up @@ -483,6 +483,12 @@ private function __uploadLogo($orgId)
if ($logo['size'] > 0 && $logo['error'] == 0) {
$extension = pathinfo($logo['name'], PATHINFO_EXTENSION);
$filename = $orgId . '.' . ($extension === 'svg' ? 'svg' : 'png');

if ($extension === 'svg' && !Configure::read('Security.enable_svg_logos')) {
$this->Flash->error(__('Invalid file extension, SVG images are not allowed.'));
return false;
}

if (!empty($logo['tmp_name']) && is_uploaded_file($logo['tmp_name'])) {
return move_uploaded_file($logo['tmp_name'], APP . 'webroot/img/orgs/' . $filename);
}
Expand Down
8 changes: 8 additions & 0 deletions app/Model/Server.php
Expand Up @@ -6136,6 +6136,14 @@ private function generateServerSettings()
'tlsv1_3' => 'TLSv1.3',
],
],
'enable_svg_logos' => [
'level' => self::SETTING_OPTIONAL,
'description' => __('When enabled, orgnisation logos in svg format are allowed.'),
'value' => false,
'test' => 'testBool',
'type' => 'boolean',
'null' => true
]
),
'SecureAuth' => array(
'branch' => 1,
Expand Down
2 changes: 1 addition & 1 deletion app/View/Organisations/admin_add.ctp
Expand Up @@ -50,7 +50,7 @@ echo $this->element('genericElements/Form/genericForm', [
'type' => 'file',
'field' => 'logo',
'error' => array('escape' => false),
'label' => __('Logo (48×48 PNG or SVG)'),
'label' => __('Logo (48×48 %s)', Configure::read('Security.enable_svg_logos')? 'PNG or SVG' : 'PNG'),
],
[
'field' => 'nationality',
Expand Down

0 comments on commit 08a07a3

Please sign in to comment.