firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

이미지 파일 업로드 기능을 이용한 웹변조 방지 코드 적용 (나창호님,레이딘님,210915)

Browse Source
This commit is contained in:
kagla
2021-09-15 02:30:19 +00:00
parent bdd52dae6f
commit a3e8c97ef5
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugin/editor/cheditor5/imageUpload/upload.php
View File

@ -77,7 +77,7 @@ run_event('cheditor_photo_upload', $data_dir, $data_url);
//
$tempfile = $_FILES['file']['tmp_name'];
$filename = $_FILES['file']['name'];
$filename_len = strrpos($filename, ".");
$type = substr($filename, strrpos($filename, ".")+1);
$found = false;
switch ($type) {
@ -89,7 +89,7 @@ switch ($type) {
$found = true;
}
if ($found != true) {
if ($found != true || $filename_len != 23) {
exit;
}