github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-22 06:13:58 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added check up_allowed in Upload.php class (#924)

Browse source
This commit is contained in:
Roman Kelesidis 2023-10-02 13:28:34 +07:00 committed by GitHub
commit ddaf31ea42
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
library/language/source/main.php
View file

@ -2785,6 +2785,7 @@ $lang['NEW_POLL_M_EXPLAIN'] = 'Each row corresponds to one answer (max';
$lang['OLD_BROWSER'] = 'You are using an outdated browser. The website will not display correctly.';
$lang['GO_BACK'] = 'Go back';
$lang['UPLOAD_ERROR_COMMON_DISABLED'] = 'File upload disabled';
$lang['UPLOAD_ERROR_COMMON'] = 'File upload error';
$lang['UPLOAD_ERROR_SIZE'] = 'The uploaded file exceeds the maximum size of %s';
$lang['UPLOAD_ERROR_FORMAT'] = 'Invalid file type of image';

7
src/Legacy/Common/Upload.php
View file

@ -21,6 +21,7 @@ class Upload
'max_height' => 0,
'allowed_ext' => [],
'upload_path' => '',
'up_allowed' => false,
];
public $file = [
'name' => '',
@ -58,6 +59,12 @@ class Upload
$this->cfg = array_merge($this->cfg, $cfg);
$this->file = $post_params;
// Check upload allowed
if (!$this->cfg['up_allowed']) {
$this->errors[] = $lang['UPLOAD_ERROR_COMMON_DISABLED'];
return false;
}
// upload errors from $_FILES
if ($this->file['error']) {
$msg = $lang['UPLOAD_ERROR_COMMON'];