Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix issue #44. Thanks to Klaus.
  • Loading branch information
BSteelooper authored and billcreswell committed Apr 8, 2018
1 parent cad5f63 commit 09f0ab8
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion data/inc/images.php
Expand Up @@ -34,9 +34,13 @@
if (isset($_POST['submit'])) {
//Check if the file is JPG, PNG or GIF.
if (in_array($_FILES['imagefile']['type'], array('image/pjpeg', 'image/jpeg','image/png', 'image/gif'))) {
/* fix issue 44. Thanks to Klaus. */
$imagewhitelist = array('jfif', '.png', '.jpg', '.gif', 'jpeg');
if (!in_array(strtolower(substr($_FILES['imagefile']['name'], -4)), $imagewhitelist))
show_error($lang['general']['upload_failed'], 1);
/* end of fix issue 44. Thanks to Klaus. */
if (!copy($_FILES['imagefile']['tmp_name'], 'images/'.$_FILES['imagefile']['name']))
show_error($lang['general']['upload_failed'], 1);

else {
chmod('images/'.$_FILES['imagefile']['name'], 0666);
?>
Expand Down

0 comments on commit 09f0ab8

Please sign in to comment.