fix code execution filter

in avatar upload
philippK-de · Feb 5, 2015 · 9ce6301 · 9ce6301
1 parent 07c22ee
commit 9ce6301
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/manageuser.php b/manageuser.php
@@ -151,7 +151,7 @@
             die();
         }
         // don't upload php scripts
-        if ($erweiterung == "php" or $erweiterung == "pl") {
+        if (stristr($erweiterung,"php") or $erweiterung == "pl") {
             $loc = $url . "manageuser.php?action=profile&id=$userid";
             header("Location: $loc");
             die();