[Solar-svn] Revision 3183
pmjones at solarphp.com
pmjones at solarphp.com
Wed May 28 11:24:01 CDT 2008
Solar_Filter_ValidateUpload: [CHG] When checking file extensions, force to lower-case on the expected and actual, so that (e.g.) "JPEG", "JPeg", and "jpeg" all match.
Modified: trunk/Solar/Filter/ValidateUpload.php
===================================================================
--- trunk/Solar/Filter/ValidateUpload.php 2008-05-28 16:18:10 UTC (rev 3182)
+++ trunk/Solar/Filter/ValidateUpload.php 2008-05-28 16:24:01 UTC (rev 3183)
@@ -112,10 +112,21 @@
// find the file name extension, minus the dot
$ext = substr(strrchr($value['name'], '.'), 1);
- // is the extension allowed?
- if (! in_array($ext, (array) $file_ext)) {
- return $this->_invalid('INVALID_UPLOAD_FILENAME_EXT');
+ // force to lower-case for comparisons
+ $ext = strtolower($ext);
+
+ // check against the allowed extensions
+ foreach ((array) $file_ext as $val) {
+ // force to lower-case for comparisons
+ $val = strtolower($val);
+ if ($ext == $val) {
+ // it's an allowed extension
+ return true;
+ }
}
+
+ // didn't find the extension in the allowed list
+ return $this->_invalid('INVALID_UPLOAD_FILENAME_EXT');
}
// looks like we're ok!
More information about the Solar-svn
mailing list