aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_upload.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/functions_upload.php')
-rw-r--r--phpBB/includes/functions_upload.php41
1 files changed, 20 insertions, 21 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index 51fed45ebd..bd960a1076 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -58,8 +58,9 @@ class filespec
$this->filename = $upload_ary['tmp_name'];
$this->filesize = $upload_ary['size'];
- $name = trim(utf8_htmlspecialchars(utf8_basename($upload_ary['name'])));
- $this->realname = $this->uploadname = (STRIP) ? stripslashes($name) : $name;
+ $name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name'];
+ $name = trim(utf8_htmlspecialchars(utf8_basename($name)));
+ $this->realname = $this->uploadname = $name;
$this->mimetype = $upload_ary['type'];
// Opera adds the name to the mime type
@@ -975,7 +976,7 @@ class fileupload
/**
- * Check for allowed extension
+ * Check for bad content (IE mime-sniffing)
*/
function valid_content(&$file)
{
@@ -988,24 +989,22 @@ class fileupload
function image_types()
{
return array(
- 1 => array('gif'),
- 2 => array('jpg', 'jpeg'),
- 3 => array('png'),
- 4 => array('swf'),
- 5 => array('psd'),
- 6 => array('bmp'),
- 7 => array('tif', 'tiff'),
- 8 => array('tif', 'tiff'),
- 9 => array('jpg', 'jpeg'),
- 10 => array('jpg', 'jpeg'),
- 11 => array('jpg', 'jpeg'),
- 12 => array('jpg', 'jpeg'),
- 13 => array('swc'),
- 14 => array('iff'),
- 15 => array('wbmp'),
- 16 => array('xbm'),
+ IMAGETYPE_GIF => array('gif'),
+ IMAGETYPE_JPEG => array('jpg', 'jpeg'),
+ IMAGETYPE_PNG => array('png'),
+ IMAGETYPE_SWF => array('swf'),
+ IMAGETYPE_PSD => array('psd'),
+ IMAGETYPE_BMP => array('bmp'),
+ IMAGETYPE_TIFF_II => array('tif', 'tiff'),
+ IMAGETYPE_TIFF_MM => array('tif', 'tiff'),
+ IMAGETYPE_JPC => array('jpg', 'jpeg'),
+ IMAGETYPE_JP2 => array('jpg', 'jpeg'),
+ IMAGETYPE_JPX => array('jpg', 'jpeg'),
+ IMAGETYPE_JB2 => array('jpg', 'jpeg'),
+ IMAGETYPE_SWC => array('swc'),
+ IMAGETYPE_IFF => array('iff'),
+ IMAGETYPE_WBMP => array('wbmp'),
+ IMAGETYPE_XBM => array('xbm'),
);
}
}
-
-?> \ No newline at end of file
generated by cgit v1.2.1 (git 2.21.0) at 2025-11-17 10:41:29 +0000