Timestamp:
07/02/11 10:40:59 (3 years ago)
Author:
kiaso
Message:

Uploadify.php security issue fixed

File:
1 edited

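--- a/kish-guest-posting/trunk/uploadify/scripts/uploadify.php
+++ b/kish-guest-posting/trunk/uploadify/scripts/uploadify.php
@@ -1,2 +1,69 @@
+<<<<<<< .mine
+<?php
+/*
+Uploadify v2.1.4
+Release Date: November 8, 2010
+
+Copyright (c) 2010 Ronnie Garcia, Travis Nickels
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+*/
+if (!empty($_FILES)) {
+    $tempFile = $_FILES['Filedata']['tmp_name'];
+    $targetPath = $_SERVER['DOCUMENT_ROOT'] . $_REQUEST['folder'] . '/';
+    $targetFile =  str_replace('//','/',$targetPath) . $_FILES['Filedata']['name'];
+    
+    // $fileTypes  = str_replace('*.','',$_REQUEST['fileext']);
+    // $fileTypes  = str_replace(';','|',$fileTypes);
+    // $typesArray = split('\|',$fileTypes);
+    // $fileParts  = pathinfo($_FILES['Filedata']['name']);
+    
+    // if (in_array($fileParts['extension'],$typesArray)) {
+        // Uncomment the following line if you want to make the directory if it doesn't exist
+        // mkdir(str_replace('//','/',$targetPath), 0755, true);
+    // Define allowed extensions
+    $allowable = array ( 'png', 'gif', 'jpg', 'jpeg' );
+    $fileext = strtolower(substr( $_FILES['Filedata']['name'], -3 ));
+  
+    // Assume evil upload  
+    $noMatch = 0;
+  
+    // Give it a try with this tiny extensionckeck  
+    foreach( $allowable as $ext ) {
+        if ( strcasecmp( $fileext, $ext ) == 0 ) {
+            $noMatch = 1;
+        }
+    }
+    if(!$noMatch){ // People are bad. I told you... 
+        echo "This file is not allowed...";
+        exit();
+    }
+    else {
+        move_uploaded_file($tempFile,$targetFile);
+        echo str_replace($_SERVER['DOCUMENT_ROOT'],'',$targetFile);
+    }
+        
+        
+    // } else {
+    //  echo 'Invalid file type.';
+    // }
+}
+?>=======
 <?php
 /*
@@ -43,3 +110,3 @@
     // }
 }
-?>
+?>>>>>>>> .r403691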
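Review bot: The committed file still contains the SVN conflict markers: new line 1 is `<<<<<<< .mine` (emitted as output before `<?php`), line 67 is `?>=======`, and the old handler follows as a second `<?php` block ending at line 112 `?>>>>>>>> .r403691`, so the pre-fix upload code is still present in the file (its body, new lines 70–109, is outside this section). Within the new handler, `substr($_FILES['Filedata']['name'], -3)` on line 42 can never equal `'jpeg'`, and the allowlist does not constrain where the file lands: line 29 concatenates `$_REQUEST['folder']` onto `DOCUMENT_ROOT` and line 30 uses the client-supplied file name unsanitised, with no authentication or nonce check visible before the write. Resolve the conflict so only one handler remains, and rewrite the destination and extension handling as below, anchoring the target under a fixed upload directory verified with `realpath()`, stripping path components with `basename()`, and taking the full extension via `pathinfo()`. An extension allowlist still does not verify content, so validating the image with `getimagesize()` before `move_uploaded_file()` would be a worthwhile addition; if this script is loaded inside WordPress, gate it on `current_user_can()` and a nonce as well.
```php
if (!empty($_FILES['Filedata']) && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
    // Destination is anchored under a fixed directory; request input only selects a subfolder name.
    $uploadBase = realpath($_SERVER['DOCUMENT_ROOT'] . '/PLACEHOLDER_UPLOAD_DIR'); // fixed, not from the request
    $folder     = basename(isset($_REQUEST['folder']) ? (string) $_REQUEST['folder'] : '');
    $targetPath = realpath($uploadBase . '/' . $folder);
    if ($uploadBase === false || $targetPath === false
        || ($targetPath !== $uploadBase && strpos($targetPath, $uploadBase . DIRECTORY_SEPARATOR) !== 0)) {
        echo "This file is not allowed...";
        exit();
    }

    // Define allowed extensions; compare the whole extension so 'jpeg' is matched.
    $allowable = array( 'png', 'gif', 'jpg', 'jpeg' );
    $fileName  = basename($_FILES['Filedata']['name']);
    $fileext   = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
    if (!in_array($fileext, $allowable, true)) {
        echo "This file is not allowed...";
        exit();
    }

    $targetFile = $targetPath . '/' . $fileName;
    move_uploaded_file($_FILES['Filedata']['tmp_name'], $targetFile);
    echo str_replace($_SERVER['DOCUMENT_ROOT'], '', $targetFile);
}
```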