diff options
Diffstat (limited to 'phpBB/includes/functions_upload.php')
| -rw-r--r-- | phpBB/includes/functions_upload.php | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 6b5d043bae..a7a76cf526 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -226,21 +226,6 @@ class filespec return false; } - -/* - // Adjust destination path (no trailing slash) - if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\') - { - $destination = substr($destination, 0, sizeof($destination)-2); - } - - $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); - if ($destination && ($destination{0} == '/' || $destination{0} == "\\")) - { - $destination = ''; - } -*/ - // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it... $this->destination_path = $phpbb_root_path . $destination; |