diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-10-15 16:00:47 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-10-15 16:00:47 +0000 |
| commit | 4e6cff3a80ab54de0aff1844947990ffaedb7526 (patch) | |
| tree | da21e0ba30ce2afbc1dcae32dd7a1126cbff55b7 | |
| parent | 7a83d1d233605abf717ab109f176a79987d21589 (diff) | |
| download | forums-4e6cff3a80ab54de0aff1844947990ffaedb7526.tar forums-4e6cff3a80ab54de0aff1844947990ffaedb7526.tar.gz forums-4e6cff3a80ab54de0aff1844947990ffaedb7526.tar.bz2 forums-4e6cff3a80ab54de0aff1844947990ffaedb7526.tar.xz forums-4e6cff3a80ab54de0aff1844947990ffaedb7526.zip | |
Fix for potential security/HTML abuse problem, thanks Silverion
git-svn-id: file:///svn/phpbb/trunk@1205 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/profile.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/phpBB/profile.php b/phpBB/profile.php index 212661cc21..3041a67112 100644 --- a/phpBB/profile.php +++ b/phpBB/profile.php @@ -926,7 +926,16 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl; } - $avatar_sql = ", user_avatar = '$user_avatar_remoteurl', user_avatar_type = " . USER_AVATAR_REMOTE; + + if( preg_match("/^http\:\/\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+\/.*?\.(gif|jpg|png)$/is", $user_avatar_remoteurl) ) + { + $avatar_sql = ", user_avatar = '$user_avatar_remoteurl', user_avatar_type = " . USER_AVATAR_REMOTE; + } + else + { + $error = true; + $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format']; + } } } |