Skip to content
Permalink
Browse files

Fix issue #44. Thanks to Klaus.

  • Loading branch information...
BSteelooper authored and billcreswell committed Apr 8, 2018
1 parent cad5f63 commit 09f0ab871bf633973cfd9fc4fe59d4a912397cf8
Showing with 5 additions and 1 deletion.
  1. +5 −1 data/inc/images.php
@@ -34,9 +34,13 @@
if (isset($_POST['submit'])) {
//Check if the file is JPG, PNG or GIF.
if (in_array($_FILES['imagefile']['type'], array('image/pjpeg', 'image/jpeg','image/png', 'image/gif'))) {
/* fix issue 44. Thanks to Klaus. */
$imagewhitelist = array('jfif', '.png', '.jpg', '.gif', 'jpeg');
if (!in_array(strtolower(substr($_FILES['imagefile']['name'], -4)), $imagewhitelist))
show_error($lang['general']['upload_failed'], 1);
/* end of fix issue 44. Thanks to Klaus. */
if (!copy($_FILES['imagefile']['tmp_name'], 'images/'.$_FILES['imagefile']['name']))
show_error($lang['general']['upload_failed'], 1);
else {
chmod('images/'.$_FILES['imagefile']['name'], 0666);
?>

0 comments on commit 09f0ab8

Please sign in to comment.
You can’t perform that action at this time.