diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-02-06 23:47:14 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-02-07 00:08:53 +0100 |
| commit | 5a4da46f9bdadbd1744f78b39c68184b317df60b (patch) | |
| tree | 18c52dcba67cfe1955b1cf61bc893d80401ffa3a /phpBB | |
| parent | c56db535b4f0c943777ab159c14729d724f5d232 (diff) | |
| download | forums-5a4da46f9bdadbd1744f78b39c68184b317df60b.tar forums-5a4da46f9bdadbd1744f78b39c68184b317df60b.tar.gz forums-5a4da46f9bdadbd1744f78b39c68184b317df60b.tar.bz2 forums-5a4da46f9bdadbd1744f78b39c68184b317df60b.tar.xz forums-5a4da46f9bdadbd1744f78b39c68184b317df60b.zip | |
[feature/avatars] Use array for allowed extensions and implode if needed
PHPBB3-10018
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/avatar/driver/driver.php | 7 | ||||
| -rw-r--r-- | phpBB/includes/avatar/driver/local.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/avatar/driver/remote.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/avatar/driver/upload.php | 2 |
4 files changed, 9 insertions, 4 deletions
diff --git a/phpBB/includes/avatar/driver/driver.php b/phpBB/includes/avatar/driver/driver.php index 5a54c3ee37..a116155fd3 100644 --- a/phpBB/includes/avatar/driver/driver.php +++ b/phpBB/includes/avatar/driver/driver.php @@ -54,7 +54,12 @@ abstract class phpbb_avatar_driver implements phpbb_avatar_driver_interface /** * Regex for allowed avatar image extensions */ - const REGEX_ALLOWED_EXT = 'gif|jpg|jpeg|png'; + protected $allowed_extensions = array( + 'gif', + 'jpg', + 'jpeg', + 'png', + ); /** * Construct a driver object diff --git a/phpBB/includes/avatar/driver/local.php b/phpBB/includes/avatar/driver/local.php index a789cd391d..9049cadea8 100644 --- a/phpBB/includes/avatar/driver/local.php +++ b/phpBB/includes/avatar/driver/local.php @@ -162,7 +162,7 @@ class phpbb_avatar_driver_local extends phpbb_avatar_driver $image = $file_info->getFilename(); // Match all images in the gallery folder - if (preg_match('#^[^&\'"<>]+\.(?:'. self::REGEX_ALLOWED_EXT . ')$#i', $image) && is_file($file_path . '/' . $image)) + if (preg_match('#^[^&\'"<>]+\.(?:' . implode('|', $this->allowed_extensions) . ')$#i', $image) && is_file($file_path . '/' . $image)) { if (function_exists('getimagesize')) { diff --git a/phpBB/includes/avatar/driver/remote.php b/phpBB/includes/avatar/driver/remote.php index 9845db4b7f..02098f512c 100644 --- a/phpBB/includes/avatar/driver/remote.php +++ b/phpBB/includes/avatar/driver/remote.php @@ -84,7 +84,7 @@ class phpbb_avatar_driver_remote extends phpbb_avatar_driver // Check if this url looks alright // This isn't perfect, but it's what phpBB 3.0 did, and might as well make sure everything is compatible - if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. self::REGEX_ALLOWED_EXT . ')$#i', $url)) + if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url)) { $error[] = 'AVATAR_URL_INVALID'; return false; diff --git a/phpBB/includes/avatar/driver/upload.php b/phpBB/includes/avatar/driver/upload.php index 282e0a21ff..56569ec63c 100644 --- a/phpBB/includes/avatar/driver/upload.php +++ b/phpBB/includes/avatar/driver/upload.php @@ -66,7 +66,7 @@ class phpbb_avatar_driver_upload extends phpbb_avatar_driver include($this->phpbb_root_path . 'includes/functions_upload' . $this->php_ext); } - $upload = new fileupload('AVATAR_', explode('|', self::REGEX_ALLOWED_EXT), $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], (isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false)); + $upload = new fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], (isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false)); $url = $request->variable('avatar_upload_url', ''); $upload_file = $request->file('avatar_upload_file'); |