Permalink
Browse files

Merge pull request #733 from narfbg/2.1-stable-upload-hotfix

Hotfix for a bug in the Upload library
  • Loading branch information...
Phil Sturgeon
Phil Sturgeon committed Dec 2, 2011
2 parents cceb206 + 451aa02 commit 5cb1b5bfa3cf6aea8ea3106658a14ae53c2c8047
Showing with 7 additions and 3 deletions.
  1. +5 −2 system/libraries/Upload.php
  2. +2 −1 user_guide/changelog.html
@@ -1042,14 +1042,17 @@ protected function _file_mime_type($file)
if (function_exists('mime_content_type'))
{
$this->file_type = @mime_content_type($file['tmp_name']);
return;
if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string
{
return;
}
}
/* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type,
* which is still more secure than depending on the value of $_FILES[$field]['type'].
*
* Notes:
* - a 'W' in the substr() expression bellow, would mean that we're using Windows
* - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
* - many system admins would disable the exec() function due to security concerns, hence the function_exists() check
*/
if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec'))
@@ -28,7 +28,7 @@
<div id="masthead">
<table cellpadding="0" cellspacing="0" border="0" style="width:100%">
<tr>
<td><h1>CodeIgniter User Guide Version 2.1.0</h1></td>
<td><h1>CodeIgniter User Guide Version 2.1.1</h1></td>
<td id="breadcrumb_right"><a href="./toc.html">Table of Contents Page</a></td>
</tr>
</table>
@@ -72,6 +72,7 @@ <h3>Bug fixes for 2.1.1</h3>
<ul>
<li>Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.</li>
<li>Fixed a bug - form_open() compared $action against site_url() instead of base_url()</li>
<li>Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.</li>
</ul>

0 comments on commit 5cb1b5b

Please sign in to comment.