Changeset 391

Timestamp:

2007-06-26 00:10:59 (2 years ago)

Author:

fredck

Message:

Fix for SA25719.

Location:

FCKeditor/trunk/editor/filemanager

Files:

• browser/default/connectors/php/commands.php (modified) (2 diffs)
• browser/default/connectors/php/io.php (modified) (3 diffs)
• upload/php/upload.php (modified) (1 diff)

FCKeditor/trunk/editor/filemanager/browser/default/connectors/php/commands.php

@@ -160 +160 @@
                 $oFile = $_FILES['NewFile'] ;
 
-                // Map the virtual path to the local server path.
-                $sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
-
                 // Get the uploaded file name.
                 $sFileName = $oFile['name'] ;
@@ -170 +167 @@
                         $sFileName = preg_replace( '/\\.(?![^.]*$)/', '_', $sFileName ) ;
 
-                $sOriginalFileName = $sFileName ;
-
-                // Get the extension.
-                $sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
-                $sExtension = strtolower( $sExtension ) ;
-
-                $arAllowed      = $Config['AllowedExtensions'][$resourceType] ;
-                $arDenied       = $Config['DeniedExtensions'][$resourceType] ;
-
-                if ( ( count($arAllowed) == 0 || in_array( $sExtension, $arAllowed ) ) && ( count($arDenied) == 0 || !in_array( $sExtension, $arDenied ) ) )
+                if ( CheckFileName( $sFileName, $resourceType ) )
                 {
+                        // Map the virtual path to the local server path.
+                        $sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
+                        
+                        $sOriginalFileName = $sFileName ;
+
+                        // Get the extension.
+                        $sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
+                        $sExtension = strtolower( $sExtension ) ;
+
                         $iCounter = 0 ;
 

FCKeditor/trunk/editor/filemanager/browser/default/connectors/php/io.php

@@ -46 +46 @@
         {
                 if ( isset( $GLOBALS['HeaderSent'] ) && $GLOBALS['HeaderSent'] )
-                { 
+                {
                         SendErrorNode( 1, "Error creating folder \"{$sResourceTypePath}\" ({$sErrorMsg})" ) ;
                         CreateXmlFooter() ;
@@ -113 +113 @@
         $slash = ( strpos( $sRealPath, '/' ) === false ) ? '\\' : '/' ;
         $sSelfPath = str_replace( '/', $slash, $sSelfPath ) ;
-        
+
         $position = strpos( $sRealPath, $sSelfPath ) ;
 
@@ -123 +123 @@
         return substr( $sRealPath, 0, $position ) ;
 }
+
+function CheckFileName( $fileName, $resourceType )
+{
+        global $Config ;
+
+        // SA25719
+        if ( strpos( strtolower( $fileName ), '::$data' ) != false )
+                return false ;
+
+        // Get the extension.
+        $sExtension = substr( $fileName, ( strrpos($fileName, '.') + 1 ) ) ;
+        $sExtension = strtolower( $sExtension ) ;
+
+        $arDenied       = $Config['DeniedExtensions'][$resourceType] ;
+
+        if ( count($arDenied) > 0 && in_array( $sExtension, $arDenied ) )
+                return false ;
+        
+        $arAllowed      = $Config['AllowedExtensions'][$resourceType] ;
+        
+        if ( count($arAllowed) > 0 && !in_array( $sExtension, $arAllowed ) )
+                return false ;
+
+        return true ;
+}
 ?>

FCKeditor/trunk/editor/filemanager/upload/php/upload.php

@@ -66 +66 @@
     SendResults( 1, '', '', 'Invalid type specified' ) ;
 
+// SA25719
+if ( strpos( strtolower( $sFileName ), '::$data' ) != false )
+        SendResults( '202' ) ;
+
 // Get the allowed and denied extensions arrays.
 $arAllowed      = $Config['AllowedExtensions'][$sType] ;