Diffstat (limited to 'phpBB/includes/functions_upload.php')
-rw-r--r--phpBB/includes/functions_upload.php18
1 files changed, 18 insertions, 0 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index 9f02c5f74e..cd35254b28 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -221,6 +221,8 @@ class filespec
return false;
}
+
+/*
// Adjust destination path (no trailing slash)
if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\')
{
@@ -232,13 +234,29 @@ class filespec
{
$destination = '';
}
+*/
+ // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
$this->destination_path = $phpbb_root_path . $destination;
+ // Check if the destination path exist...
+ if (!file_exists($this->destination_path))
+ {
+ @unlink($this->filename);
+ return false;
+ }
+
$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy';
$upload_mode = ($this->local) ? 'local' : $upload_mode;
$this->destination_file = $this->destination_path . '/' . basename($this->realname);
+ // Check if the file already exist, else there is something wrong...
+ if (file_exists($this->destination_file))
+ {
+ @unlink($this->filename);
+ return false;
+ }
+
switch ($upload_mode)
{
case 'copy':
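Review bot: The new directory check `if (!file_exists($this->destination_path))` also accepts a regular file or a symlink and says nothing about writability, so a mis-set upload path only fails later inside the copy/move instead of at this guard; `if (!is_dir($this->destination_path) || !is_writable($this->destination_path))` expresses what the code actually needs. The pre-existence check on `$this->destination_file` is check-then-act: another request can create the same name between `file_exists()` and the copy in the `switch`, and `file_exists()` returns false for a dangling symlink, so if anyone other than the admin can write into the upload directory the copy would follow the link — the trust assumption stated for `$destination` on the line above should be spelled out for the directory contents too, or the copy should use an exclusive create. The comment "Check if the file already exist, else there is something wrong..." reads inverted; suggest `// Abort if the target already exists: an upload must never overwrite an existing file.` The `switch ($upload_mode)` body continues past this hunk, and the normalization block that this commit wraps in `/* ... */` is better deleted than kept as dead code if it is intentionally no longer applied.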