chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

cleaning the filenames and add more security to files uploaded from ajaxfilemanager

Browse Source
skala
Juan Carlos Raña 16 years ago
parent 07167d0fff
commit 47269b0ec2
1 changed files with 2 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/class.upload.php

3
main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/class.upload.php
Unescape View File

@ -6,6 +6,7 @@
* @since 22/April/2007 * @since 22/April/2007
* *
*/ */
require_once api_get_path(LIBRARY_PATH) . 'fileUpload.lib.php';//from Dokeos
class Upload class Upload
{ {
var $fileType = ""; //the file type var $fileType = ""; //the file type
@ -203,7 +204,7 @@ class Upload
{ {
$this->fileBaseName = $fileBaseName; $this->fileBaseName = $fileBaseName;
} }
$this->fileBaseName=str_replace(' ','_',$this->fileBaseName);// Juan Carlos Ra<EFBFBD>a Because fix long names. See: ajaxfilemanager/inc/class.manager.php $this->fileBaseName=disable_dangerous_file(replace_dangerous_char(str_replace(' ','_',$this->fileBaseName)));// Juan Carlos Raña replace space by _ because fix long names. See: ajaxfilemanager/inc/class.manager.php. And add cleaning from dokeos replace_dangerous_char() and disable_dangerous_file()
$fileName = $this->fileBaseName . $this->fileExtension; $fileName = $this->fileBaseName . $this->fileExtension;
$filePath = $dest . $fileName; $filePath = $dest . $fileName;

Write Preview
Loading…
Cancel
Save