


Timestamp:
10/02/2004 12:46:30 AM (17 years ago)
Author:
emc3
Message:

Security: Clean up user inputs before using.

File:
1 edited

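--- a/trunk/wp-admin/upload.php
+++ b/trunk/wp-admin/upload.php
@@ -81,13 +81,13 @@
 <?php //Makes sure they choose a file
 
-//print_r($HTTP_POST_FILES);
+//print_r($_FILES);
 //die();
 
 
-    $imgalt = (isset($_POST['imgalt'])) ? $_POST['imgalt'] : $imgalt;
-
-    $img1_name = (strlen($imgalt)) ? $_POST['imgalt'] : $HTTP_POST_FILES['img1']['name'];
-    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $HTTP_POST_FILES['img1']['type'];
-    $imgdesc = str_replace('"', '&amp;quot;', $_POST['imgdesc']);
+    $imgalt = basename( (isset($_POST['imgalt'])) ? $_POST['imgalt'] : '' );
+
+    $img1_name = (strlen($imgalt)) ? $imgalt : basename( $_FILES['img1']['name'] );
+    $img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $_FILES['img1']['type'];
+    $imgdesc = htmlentities2($imgdesc);
 
     $imgtype = explode(".",$img1_name);
@@ -100,7 +100,7 @@
     if (strlen($imgalt)) {
         $pathtofile = get_settings('fileupload_realpath')."/".$imgalt;
-        $img1 = $_POST['img1'];
+        $img1 = $_POST['img1']['tmp_name'];
     } else {
         $pathtofile = get_settings('fileupload_realpath')."/".$img1_name;
-        $img1 = $HTTP_POST_FILES['img1']['tmp_name'];
+        $img1 = $_FILES['img1']['tmp_name'];
     }
 
@@ -192,5 +192,5 @@
         }
         elseif($_POST['thumbsize'] == 'custom') {
-            $max_side = $_POST['imgthumbsizecustom'];
+            $max_side = intval($_POST['imgthumbsizecustom']);
         }
         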
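Review bot: New line 91, `$imgdesc = htmlentities2($imgdesc);`, escapes a variable that this hunk never assigns from the request, whereas the removed line read `$_POST['imgdesc']`; unless register_globals or some request-import elsewhere in the file fills `$imgdesc`, the description is now empty, and if something does fill it the raw value is trusted up to this line. Make the source explicit: `$imgdesc = htmlentities2( isset($_POST['imgdesc']) ? $_POST['imgdesc'] : '' );`. `$img1_type` is still taken verbatim from `$_POST['img1_type']` or `$_FILES['img1']['type']`, both client-controlled, so any content-type allow-list further down should not be the only gate; `basename()` stops traversal in `$pathtofile` but leaves the extension to the `$imgtype` logic, which is outside this hunk. New line 102's `$_POST['img1']['tmp_name']` also looks suspicious: a plain POST field is a string, so indexing it with `'tmp_name'` yields a single character rather than a path, though the form layout that would make `img1` an array is not visible here.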