From eb5b81763daa5d6bf5ad1d46053cb5492e4e8983 Mon Sep 17 00:00:00 2001
From: root <you@example.com>
Date: Fri, 15 Mar 2024 13:10:47 +0530
Subject: [PATCH] #Fixes::158429927::Chaitanya N::Unrestricted file upload in
 company logo issue is fixed

---
 vtlib/Vtiger/Functions.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/vtlib/Vtiger/Functions.php b/vtlib/Vtiger/Functions.php
index 6f172249c..3c212a475 100644
--- a/vtlib/Vtiger/Functions.php
+++ b/vtlib/Vtiger/Functions.php
@@ -659,7 +659,7 @@ class Vtiger_Functions {
             $saveimage = false;
         }
 		
-		//Check if the filename starts with the '.' character and it is not accepted those files.
+		//Checking the path of the file 
 		if ($saveimage) {
 			$fileExtensionPath = pathinfo($file_details['name'], PATHINFO_EXTENSION);
 			if (!in_array(strtolower($fileExtensionPath), $allowedImageFormats)) {
@@ -667,6 +667,7 @@ class Vtiger_Functions {
 			}
 		}
 
+		//checking the filename has dot character
 		if ($saveimage) {
 			$firstCharacter = $file_details['name'][0];
 			if ($firstCharacter == '.') {
-- 
GitLab