From b0c7e10d7bb2e429803e12b65548e32f9a7a3816 Mon Sep 17 00:00:00 2001
From: Uma <uma.s@vtiger.com>
Date: Mon, 20 Jul 2020 19:37:01 +0530
Subject: [PATCH] Validate uploaded image for Vtiger Standards
---
 kcfinder/core/uploader.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/kcfinder/core/uploader.php b/kcfinder/core/uploader.php
index 510033569..42059a6e2 100644
--- a/kcfinder/core/uploader.php
+++ b/kcfinder/core/uploader.php
@@ -59,7 +59,7 @@ class uploader {
  foreach ($inputCookie as $key => $value) {
  $this->cookie[$key] = vtlib_purify($value);
  }
-
+
  // LINKING UPLOADED FILE
  if (count($_FILES))
  $this->file = &$_FILES[key($_FILES)];
@@ -97,7 +97,7 @@ class uploader {
  $this->types = &$this->config['types'];
  $firstType = array_keys($this->types);
  $firstType = $firstType[0];
- $this->get['type'] = "images"; // to allow images upload only
+ $this->get['type'] = "images"; // to allow images upload only
  $this->type = (
  isset($this->get['type']) &&
  isset($this->types[$this->get['type']])
@@ -302,6 +302,14 @@ class uploader {
  $gd = new gd($file['tmp_name']);
  if (!$gd->init_error && !$this->imageResize($gd, $file['tmp_name']))
  return $this->label("The image is too big and/or cannot be resized.");
+
+ //sanitization as per Vtiger standard
+ $isValidImage = Vtiger_Functions::validateImage($file);
+ if (is_string($isValidImage))
+ $isValidImage = ($isValidImage == 'false') ? false : true;
+ if (!$isValidImage) {
+ return $this->label("Denied file extension.");
+ }
 
  //sanitization as per Vtiger standard
  $isValidImage = Vtiger_Functions::validateImage($file);
@@ -469,7 +477,7 @@ class uploader {
  $CKfuncNum = isset($this->opener['CKEditor']['funcNum']) ? $this->opener['CKEditor']['funcNum'] : 0;
  if (!$CKfuncNum) $CKfuncNum = 0;
 
- if(!is_numeric($CKfuncNum)){
+ if(!is_numeric($CKfuncNum)){
  $CKfuncNum = 0; // to prevent xss
  }
  $url = addcslashes($url, "'");
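Review bot: The validation block added in the third hunk (@@ -302,6 +302,14 @@) duplicates the one that already follows it — the trailing context lines show the same `//sanitization as per Vtiger standard` / `$isValidImage = Vtiger_Functions::validateImage($file);` pair immediately after the insertion, so every upload now runs validateImage twice and one copy should be removed. Whichever copy stays should move above `$gd = new gd($file['tmp_name']);` so the untrusted upload is rejected before gd and imageResize parse it, instead of only afterwards as both copies do now. The string fallback `($isValidImage == 'false') ? false : true` relies on loose comparison; `$isValidImage = ($isValidImage !== 'false');` is stricter and clearer, and the message `"Denied file extension."` misdescribes what presumably is a content check — a label such as `"The uploaded file is not a valid image."` would match the rejection reason. The enclosing method begins and ends outside this hunk, and the other three hunks on this line are whitespace-only.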
@@ -520,4 +528,4 @@ if (!kc_CKEditor && !kc_FCKeditor && !kc_Custom)
  }
  }
 
-?>
\ No newline at end of file
+?>
--
GitLab