diff options
| author | Igor Wiedler <igor@wiedler.ch> | 2011-01-10 23:42:41 +0100 |
|---|---|---|
| committer | Igor Wiedler <igor@wiedler.ch> | 2011-01-10 23:42:41 +0100 |
| commit | c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458 (patch) | |
| tree | 0067ffed98002d41ad42d5328ca7dea990f69be2 | |
| parent | d7299f5071d461e6bf77df8c96b19bcd1bf027db (diff) | |
| parent | ac26bb458f2a2ea60848921826c69bfe03e676db (diff) | |
| download | forums-c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458.tar forums-c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458.tar.gz forums-c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458.tar.bz2 forums-c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458.tar.xz forums-c9b9016ca8fb83d57d7bfaeb9cc9772a722fa458.zip | |
Merge branch 'ticket/bantu/9764' into develop-olympus
| -rw-r--r-- | phpBB/includes/functions_posting.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_upload.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 6fd87db663..72331a73c6 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -388,7 +388,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); $upload = new fileupload(); - if ($config['check_attachment_content']) + if ($config['check_attachment_content'] && isset($config['mime_triggers'])) { $upload->set_disallowed_content(explode('|', $config['mime_triggers'])); } diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 7f09cc1640..d5bbd80242 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -458,7 +458,7 @@ class fileerror extends filespec class fileupload { var $allowed_extensions = array(); - var $disallowed_content = array(); + var $disallowed_content = array('body', 'head', 'html', 'img', 'plaintext', 'a href', 'pre', 'script', 'table', 'title'); var $max_filesize = 0; var $min_width = 0; var $min_height = 0; @@ -539,7 +539,7 @@ class fileupload { if ($disallowed_content !== false && is_array($disallowed_content)) { - $this->disallowed_content = $disallowed_content; + $this->disallowed_content = array_diff($disallowed_content, array('')); } } diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index f2c80705ba..90341cd926 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2080,7 +2080,7 @@ function avatar_upload($data, &$error) // Init upload class include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); - $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], explode('|', $config['mime_triggers'])); + $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], (isset($config['mime_triggers']) ? explode('|', $config['mime_triggers']) : false)); if (!empty($_FILES['uploadfile']['name'])) { |