mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

several security fixes in admin pages

Browse Source 
changed bbcode to only allow jpg, jpeg, gif and png


git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4876 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2004-03-25 15:57:20 +00:00
parent 79c15bd7c1
commit 234b1f13de
21 changed files with 1038 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
phpBB/admin/admin_users.php
View File

@@ -47,6 +47,7 @@ $html_entities_replace = array('<', '>');
if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
{
$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
}
else
{
@@ -838,7 +839,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
$category = $HTTP_POST_VARS['avatarcategory'];
$category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
}
else
{