Julian/phpbb_board3-portal_tlw
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'marc1706/master'

Browse Source
This commit is contained in:
Marc Alexander
2011-04-24 21:53:15 +02:00
parent 810aa0bbee 7b8d5f0cb6
commit 853ffaa69f
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
root/portal/includes/functions_upload.php
View File

@@ -112,7 +112,8 @@ class portal_upload
$cur_path = str_replace($mod_dir . '/', '', $cur_path);
$cut_pos = strpos($cur_path, '/');
if(!in_array(substr($cur_path, 0, $cut_pos), array('portal', 'language', 'styles')))
// Only allow files in adm, language, portal and styles folder
if(!in_array(substr($cur_path, 0, $cut_pos), array('adm', 'language', 'portal', 'styles')))
{
$file->remove();
$this->directory_delete($mod_dir);