[ticket/15860] Limit regexp to expected formats

PHPBB3-15860
author: Marc Alexander <admin@m-a-styles.de> 2018-10-30 20:45:09 +0000
committer: Ruben Calvo <rubencm@gmail.com> 2018-10-30 20:49:14 +0000
commit: bab86aac7fac57af6f40d327fb04970b2aecd158 (patch)
tree: 79b2b2acad37a251b9d9a7251d9aa0c4b48f557b /phpBB
parent: 1f14f7c327e52ec67a593d3d0b87e67a4bf7ebd6 (diff)
download: forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar
forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.gz
forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.bz2
forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.xz
forums-bab86aac7fac57af6f40d327fb04970b2aecd158.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index fbc4f045ad..91d49a45b0 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -203,7 +203,7 @@ class acp_database
 						$file = $request->variable('file', '');
 						$download = $request->variable('download', '');
 
-						if (!preg_match('#^backup_\d{10,}_[a-z\d]+\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches))
+						if (!preg_match('#^backup_\d{10,}_(?:[a-z\d]{16}|[a-z\d]{32})+\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches))
 						{
 							trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
 						}
author	Marc Alexander <admin@m-a-styles.de>	2018-10-30 20:45:09 +0000
committer	Ruben Calvo <rubencm@gmail.com>	2018-10-30 20:49:14 +0000
commit	bab86aac7fac57af6f40d327fb04970b2aecd158 (patch)
tree	79b2b2acad37a251b9d9a7251d9aa0c4b48f557b /phpBB
parent	1f14f7c327e52ec67a593d3d0b87e67a4bf7ebd6 (diff)
download	forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.gz forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.bz2 forums-bab86aac7fac57af6f40d327fb04970b2aecd158.tar.xz forums-bab86aac7fac57af6f40d327fb04970b2aecd158.zip