From a3e8c97ef56ac178482ce9c657a8390f50d839a9 Mon Sep 17 00:00:00 2001
From: kagla <kagla@naver.com>
Date: Wed, 15 Sep 2021 02:30:19 +0000
Subject: [PATCH] =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=ED=8C=8C?=
 =?UTF-8?q?=EC=9D=BC=20=EC=97=85=EB=A1=9C=EB=93=9C=20=EA=B8=B0=EB=8A=A5?=
 =?UTF-8?q?=EC=9D=84=20=EC=9D=B4=EC=9A=A9=ED=95=9C=20=EC=9B=B9=EB=B3=80?=
 =?UTF-8?q?=EC=A1=B0=20=EB=B0=A9=EC=A7=80=20=EC=BD=94=EB=93=9C=20=EC=A0=81?=
 =?UTF-8?q?=EC=9A=A9=20(=EB=82=98=EC=B0=BD=ED=98=B8=EB=8B=98,=EB=A0=88?=
 =?UTF-8?q?=EC=9D=B4=EB=94=98=EB=8B=98,210915)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 plugin/editor/cheditor5/imageUpload/upload.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugin/editor/cheditor5/imageUpload/upload.php b/plugin/editor/cheditor5/imageUpload/upload.php
index 9594f8c7a..f305b65d3 100644
--- a/plugin/editor/cheditor5/imageUpload/upload.php
+++ b/plugin/editor/cheditor5/imageUpload/upload.php
@@ -77,7 +77,7 @@ run_event('cheditor_photo_upload', $data_dir, $data_url);
 //
 $tempfile = $_FILES['file']['tmp_name'];
 $filename = $_FILES['file']['name'];
-
+$filename_len = strrpos($filename, ".");
 $type = substr($filename, strrpos($filename, ".")+1);
 $found = false;
 switch ($type) {
@@ -89,7 +89,7 @@ switch ($type) {
 		$found = true;
 }
 
-if ($found != true) {
+if ($found != true || $filename_len != 23) {
 	exit;
 }