diff options
Diffstat (limited to 'phpBB/includes/functions_user.php')
| -rw-r--r-- | phpBB/includes/functions_user.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index fed783e880..86113899c7 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1975,14 +1975,14 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var while (($file = readdir($dp)) !== false) { - if ($file[0] != '.' && is_dir("$path/$file")) + if ($file[0] != '.' && preg_match('#^[^&"\'<>]+$#i', $file) && is_dir("$path/$file")) { $avatar_row_count = $avatar_col_count = 0; $dp2 = @opendir("$path/$file"); while (($sub_file = readdir($dp2)) !== false) { - if (preg_match('#^[^&"<>]*\.(?:gif|png|jpe?g)$#i', $sub_file)) + if (preg_match('#^[^&\'"<>]+\.(?:gif|png|jpe?g)$#i', $sub_file)) { $avatar_list[$file][$avatar_row_count][$avatar_col_count] = array( 'file' => "$file/$sub_file", |