From ac26bb458f2a2ea60848921826c69bfe03e676db Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 28 Oct 2010 21:41:14 +0200 Subject: [ticket/9764] Allow $config['mime_triggers'] to be an empty string. explode('|', '') and explode('|', NULL) both return array(0 => '') which can cause filespec::check_content() to reject everything starting with a '<' character in case $config['mime_triggers'] is an empty string or not set. fileupload::set_disallowed_content() now filters out empty strings by calling array_diff() on the passed array, so setting $config['mime_triggers'] to an empty string will turn off mime checking completely. On the other side we want to fail safe if $config['mime_triggers'] is not set at all. To do this, the array fileupload::$disallowed_content now contains some default strings to be filtered out. PHPBB3-9764 --- phpBB/includes/functions_upload.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_upload.php') diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 7f09cc1640..d5bbd80242 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -458,7 +458,7 @@ class fileerror extends filespec class fileupload { var $allowed_extensions = array(); - var $disallowed_content = array(); + var $disallowed_content = array('body', 'head', 'html', 'img', 'plaintext', 'a href', 'pre', 'script', 'table', 'title'); var $max_filesize = 0; var $min_width = 0; var $min_height = 0; @@ -539,7 +539,7 @@ class fileupload { if ($disallowed_content !== false && is_array($disallowed_content)) { - $this->disallowed_content = $disallowed_content; + $this->disallowed_content = array_diff($disallowed_content, array('')); } } -- cgit v1.2.1