XOOPS /
XoopsCore25
| @@ 124-128 (lines=5) @@ | ||
| 121 | if (is_array($val)) { |
|
| 122 | foreach ($val as $subkey => $subval) { |
|
| 123 | // check bad globals |
|
| 124 | if (in_array($subkey, $this->_bad_globals, true)) { |
|
| 125 | $this->message .= "Attempt to inject '$subkey' was found.\n"; |
|
| 126 | $this->_safe_contami = false; |
|
| 127 | $this->last_error_type = 'CONTAMI'; |
|
| 128 | } |
|
| 129 | $this->_initial_recursive($subval, $key . '_' . base64_encode($subkey)); |
|
| 130 | } |
|
| 131 | } else { |
|
| @@ 947-951 (lines=5) @@ | ||
| 944 | } |
|
| 945 | ||
| 946 | // anti dangerous extensions |
|
| 947 | if (in_array($ext, $bad_extensions)) { |
|
| 948 | $this->message .= "Attempt to upload {$_file['name']}.\n"; |
|
| 949 | $this->_safe_badext = false; |
|
| 950 | $this->last_error_type = 'UPLOAD'; |
|
| 951 | } |
|
| 952 | ||
| 953 | // anti camouflaged image file |
|
| 954 | if (in_array($ext, $image_extensions)) { |
|
