mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-06 14:35:56 +02:00
Code Issues Releases Wiki Activity

Fix for possible security issues..

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@2545 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
the_systech 2002-04-29 14:45:07 +00:00
parent ae1c52199f
commit fefdfcd263
1 changed files with 2 additions and 2 deletions

4
phpBB/includes/usercp_avatar.php

@ -74,7 +74,7 @@ function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
$avatar_filename = 'http://' . $avatar_filename;
}
if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
@ -333,4 +333,4 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
return;
}
?>
?>