diff options
| author | Henry Sudhof <kellanved@phpbb.com> | 2007-07-31 16:31:30 +0000 |
|---|---|---|
| committer | Henry Sudhof <kellanved@phpbb.com> | 2007-07-31 16:31:30 +0000 |
| commit | cef5720962ae88bae37eb2edc942b70400b2ff37 (patch) | |
| tree | 0d78242edf9837dc4fdbd27a53db5965941c2591 /phpBB/includes/functions_user.php | |
| parent | de8c0a3b9c458bad81c4e854117b64a24e2704ab (diff) | |
| download | forums-cef5720962ae88bae37eb2edc942b70400b2ff37.tar forums-cef5720962ae88bae37eb2edc942b70400b2ff37.tar.gz forums-cef5720962ae88bae37eb2edc942b70400b2ff37.tar.bz2 forums-cef5720962ae88bae37eb2edc942b70400b2ff37.tar.xz forums-cef5720962ae88bae37eb2edc942b70400b2ff37.zip | |
#13906 Invalid files will be silently ignored
git-svn-id: file:///svn/phpbb/trunk@7989 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions_user.php')
| -rw-r--r-- | phpBB/includes/functions_user.php | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 0194ec06a4..08b2d963ca 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1981,14 +1981,13 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var $dp2 = @opendir("$path/$file"); while (($sub_file = readdir($dp2)) !== false) { - if (preg_match('#\.(?:gif|png|jpe?g)$#i', $sub_file)) + if (preg_match('#^[^&"<>]*\.(?:gif|png|jpe?g)$#i', $sub_file)) { $avatar_list[$file][$avatar_row_count][$avatar_col_count] = array( 'file' => "$file/$sub_file", 'filename' => $sub_file, 'name' => ucfirst(str_replace('_', ' ', preg_replace('#^(.*)\..*$#', '\1', $sub_file))), ); - $avatar_col_count++; if ($avatar_col_count == $items_per_column) { |