mirror of
https://github.com/moodle/moodle.git
synced 2025-07-10 08:56:39 +02:00
MDL-58220 oauth2: Sanity check user pictures
This commit is contained in:
@ -282,6 +282,18 @@ class client extends \oauth2_client {
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($user->picture)) {
|
||||
// If it doesn't look like a picture lets unset it.
|
||||
if (function_exists('imagecreatefromstring')) {
|
||||
$img = @imagecreatefromstring($user->picture);
|
||||
if (empty($img)) {
|
||||
unset($user->picture);
|
||||
} else {
|
||||
imagedestroy($img);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return (array)$user;
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user