From 303b06a3646f593ccf6e72efefcf8e92381cf2cb Mon Sep 17 00:00:00 2001
From: satish <satish.dvnk@vtiger.com>
Date: Sun, 3 Jul 2016 20:32:10 +0530
Subject: [PATCH] Validating file extension and mime-content in company logo

---
 .../Vtiger/actions/CompanyDetailsSave.php     | 24 ++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/modules/Settings/Vtiger/actions/CompanyDetailsSave.php b/modules/Settings/Vtiger/actions/CompanyDetailsSave.php
index afaa28be0..883c1abc1 100644
--- a/modules/Settings/Vtiger/actions/CompanyDetailsSave.php
+++ b/modules/Settings/Vtiger/actions/CompanyDetailsSave.php
@@ -20,10 +20,28 @@ class Settings_Vtiger_CompanyDetailsSave_Action extends Settings_Vtiger_Basic_Ac
             $saveLogo = $status = true;
 			if(!empty($_FILES['logo']['name'])) {
 				$logoDetails = $_FILES['logo'];
-				$saveLogo = Vtiger_Functions::validateImage($logoDetails);
-				if (is_string($saveLogo)) $saveLogo = ($saveLogo == 'false')? false : true;
+				$fileType = explode('/', $logoDetails['type']);
+				$fileType = $fileType[1];
 
-                if ($saveLogo) {
+				if (!$logoDetails['size'] || !in_array($fileType, Settings_Vtiger_CompanyDetails_Model::$logoSupportedFormats)) {
+					$saveLogo = false;
+				}
+
+				if ($saveLogo) {
+					//mime type check
+					$mimeType = mime_content_type($logoDetails['tmp_name']);
+					$mimeTypeContents = explode('/', $mimeType);
+					if ($mimeTypeContents[0] != 'image' || !in_array($mimeTypeContents[1], Settings_Vtiger_CompanyDetails_Model::$logoSupportedFormats)) {
+						$saveLogo = false;
+					}
+				}
+
+				if ($saveLogo) {
+					$saveLogo = Vtiger_Functions::validateImage($logoDetails);
+					if (is_string($saveLogo)) $saveLogo = ($saveLogo == 'false')? false : true;
+				}
+
+				if ($saveLogo) {
                     $moduleModel->saveLogo();
                 }
             }else{
-- 
GitLab