1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00

check file type

git-svn-id: file:///svn/phpbb/trunk@6354 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-09-05 15:17:45 +00:00
parent 2c2a2c10d9
commit 504eef65c5
3 changed files with 65 additions and 1 deletions

View File

@@ -1255,7 +1255,7 @@ function avatar_delete($id)
*/
function avatar_remote($data, &$error)
{
global $config, $db, $user, $phpbb_root_path;
global $config, $db, $user, $phpbb_root_path, $phpEx;
if (!preg_match('#^(http|https|ftp)://#i', $data['remotelink']))
{
@@ -1284,6 +1284,24 @@ function avatar_remote($data, &$error)
return false;
}
// Check image type
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
$types = fileupload::image_types();
$extension = strtolower(filespec::get_extension($data['remotelink']));
if (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]]))
{
if (!isset($types[$image_data[2]]))
{
$error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
}
else
{
$error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$image_data[2]][0], $extension);
}
return false;
}
if ($config['avatar_max_width'] || $config['avatar_max_height'])
{
if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height'])