
issue: File Upload Bypass

This addresses an issue where someone can bypass the file restrictions on
the file upload field in the Client Portal. This adds the allowed
extensions and file types to the field options so that users cannot
upload anything other than the allowed file types.
JediKev committed Nov 6, 2017
1 parent acac370 commit 3eb161472e5b2f13cda916c88479fbe35132a69c
Showing with 8 additions and 2 deletions.
  1. +7 −1 include/ajax.forms.php
  2. +1 −1 include/class.forms.php
@@ -381,9 +381,15 @@ function upload($id) {
}
function attach() {
global $thisstaff;
$config = DynamicFormField::objects()
->filter(array('type__contains'=>'thread'))
->first()->getConfiguration();
$field = new FileUploadField();
$field->_config = $config;
return JsonDataEncoder::encode(
array('id'=>$field->ajaxUpload())
array('id'=>$field->ajaxUpload($thisstaff ? true : false))
);
}
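Review bot: `->first()` on the filtered queryset can return null, and chaining `->getConfiguration()` onto it makes a request that the client portal can trigger die with a fatal error instead of a JSON response; the lookup should be split and checked, e.g. `$tf = DynamicFormField::objects()->filter(array('type__contains'=>'thread'))->first();` followed by `$config = $tf ? $tf->getConfiguration() : array();` before it is assigned to `$field->_config`. The `'type__contains'=>'thread'` substring match also silently picks whichever field sorts first if several match, so the chosen configuration is not obviously the one the portal field uses. Whether restrictions apply is decided solely by `$thisstaff ? true : false`; if that boolean relaxes the checks inside ajaxUpload (its definition is not in this hunk), a staff session still uploads without the new type restrictions, which deserves a comment such as `// staff uploads bypass the client-portal type restrictions` so the intent is explicit. The hunk header places attach() directly after upload(), whose body lies outside the hunk.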
@@ -2837,7 +2837,7 @@ function isValidFileType($name, $type=false) {
// Check MIME type - file ext. shouldn't be solely trusted.
if ($type && $config['__mimetypes']
&& in_array($type, $config['__mimetypes']))
&& in_array($type, $config['__mimetypes'], true))
return true;
// Return true if all file types are allowed (.*)
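Review bot: The strict `in_array` only hardens the comparison; the branch still returns true on `$type` alone, so if `$type` is the Content-Type the client sent with the upload (the caller is outside this hunk) a file with a disallowed extension is accepted as long as the asserted MIME type is in the whitelist, which is the bypass the commit sets out to close. Deriving the type server-side (for example with `finfo` on the temporary file) before it reaches isValidFileType, or requiring the extension check below to pass as well instead of returning early here, would make the MIME whitelist an additional check rather than a sufficient one. `$config['__mimetypes']` is also read without a key check and raises an undefined-index notice for fields that have no MIME list; `!empty($config['__mimetypes'])` covers both the missing and the empty case. isValidFileType begins and ends outside this hunk.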
