Revision 09d59743
Added by Jim Pingle almost 6 years ago
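--- a/src/etc/inc/util.inc
+++ b/src/etc/inc/util.inc
@@ -2907,4 +2907,25 @@
 return $dt;
 }
 
+global $supported_image_types;
+$supported_image_types = array(
+IMAGETYPE_JPEG,
+IMAGETYPE_PNG,
+IMAGETYPE_GIF,
+IMAGETYPE_WEBP
+);
+
+function is_supported_image($image_filename) {
+global $supported_image_types;
+$img_info = getimagesize($image_filename);
+
+/* If it's not an image, or it isn't in the supported list, return false */
+if (($img_info === false) ||
+!in_array($img_info[2], array_keys($supported_image_types))) {
+return false;
+} else {
+return $img_info[2];
+}
+}
+
 ?>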
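Review bot: The membership test at new line 2924 compares `$img_info[2]` against `array_keys($supported_image_types)`, which is the index list 0–3, not the IMAGETYPE_* constants stored as values; GIF (1), JPEG (2) and PNG (3) only pass because their constant values happen to coincide with those indices, while IMAGETYPE_WEBP (18), added on line 2915, is rejected. Replace it with `!in_array($img_info[2], $supported_image_types, true)`. The function returns either an IMAGETYPE_* int or `false`, so a header comment such as `/* Return the IMAGETYPE_* constant of $image_filename, or false if it is not an image of a type listed in $supported_image_types; callers must compare with === false. */` would document the contract the call sites rely on. Note that getimagesize() only inspects the image header, so this check governs the served Content-Type and extension but does not establish that the whole file body is a well-formed image.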
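--- a/src/usr/local/www/services_captiveportal.php
+++ b/src/usr/local/www/services_captiveportal.php
@@ -311,6 +311,14 @@
 if (trim($_POST['radiusnasid']) !== "" && !preg_match("/^[\x21-\x7e]{3,253}$/i", trim($_POST['radiusnasid']))) {
 $input_errors[] = gettext("The NAS-Identifier must be 3-253 characters long and should only contain ASCII characters.");
 }
+if (is_uploaded_file($_FILES['logo-img']['tmp_name']) &&
+(is_supported_image($_FILES['logo-img']['tmp_name']) === false)) {
+$input_errors[] = gettext("Unsupported logo image type.");
+}
+if (is_uploaded_file($_FILES['background-img']['tmp_name']) &&
+(is_supported_image($_FILES['background-img']['tmp_name']) === false)) {
+$input_errors[] = gettext("Unsupported background image type.");
+}
 
 if (!$input_errors) {
 init_config_arr(array('captiveportal', $cpzone));
@@ -426,8 +434,9 @@
 
 // Check for uploaded images for the default CP login
 if (is_uploaded_file($_FILES['logo-img']['tmp_name'])) {
-$ext = pathinfo($_FILES['logo-img']['name'],PATHINFO_EXTENSION);
-$logo_name = "captiveportal-logo." . $ext;
+
+/* Validated above, so returned value is OK */
+$logo_name = "captiveportal-logo." . image_type_to_extension(is_supported_image($_FILES['logo-img']['tmp_name']));
 for ($i = 0; $i < count($a_cp[$cpzone]['element']); $i++) {
 if (strpos($a_cp[$cpzone]['element'][$i]['name'], "captiveportal-logo.") !== false){
 // remove old image before replacing it.
@@ -447,8 +456,8 @@
 move_uploaded_file( $_FILES['logo-img']['tmp_name'], $target);
 }
 if (is_uploaded_file($_FILES['background-img']['tmp_name'])) {
-$ext = pathinfo($_FILES['background-img']['name'],PATHINFO_EXTENSION);
-$background_name = "captiveportal-background." . $ext;
+/* Validated above, so returned value is OK */
+$background_name = "captiveportal-background." . image_type_to_extension(is_supported_image($_FILES['background-img']['tmp_name']));
 // is there already a file with that name?
 for ($i = 0; $i < count($a_cp[$cpzone]['element']); $i++) {
 if (strpos($a_cp[$cpzone]['element'][$i]['name'], "captiveportal-background.") !== false){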
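Review bot: `image_type_to_extension()` includes a leading dot by default, so the names built at new lines 439 and 460 come out as `captiveportal-logo..jpeg` and `captiveportal-background..png`; pass `false` as its second argument, `image_type_to_extension(is_supported_image($_FILES['logo-img']['tmp_name']), false)`, or drop the trailing dot from the string literal. JPEG also maps to `.jpeg` rather than the `.jpg` a user-supplied extension usually produced, so anything that looks the file up by a fixed full name should be checked (the strpos tests at 441 and 463 only match the prefix, so they are unaffected). The detection now runs twice per upload, once in the validation block at 314–321 and again here, re-reading the temporary file each time; keeping the first result in a local would avoid that. The enclosing `if (!$input_errors)` block and the surrounding if/for bodies start or end outside these hunks.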
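--- a/src/usr/local/www/widgets/widgets/picture.widget.php
+++ b/src/usr/local/www/widgets/widgets/picture.widget.php
@@ -38,20 +38,9 @@
 }
 
 /* Do not rely on filename to determine image type. */
-$img_info =getimagesize($image_filename);
-switch ($img_info[2]) {
-case IMAGETYPE_GIF:
-$pic_type = "gif";
-break;
-case IMAGETYPE_JPEG:
-$pic_type = "jpg";
-break;
-case IMAGETYPE_PNG:
-$pic_type = "png";
-break;
-default:
-echo null;
-exit;
+$pic_type = is_supported_image($image_filename);
+if (empty($pic_type)) {
+exit;
 }
 
 if ($user_settings['widgets'][$wk]['picturewidget']) {
@@ -63,7 +52,7 @@
 }
 
 header("Content-Disposition: inline; filename=\"" . basename($image_filename) . "\"");
-header("Content-Type: image/{$pic_type}");
+header("Content-Type: " . image_type_to_mime_type($pic_type));
 header("Content-Length: " . strlen($data));
 echo $data;
 exit;
@@ -88,12 +77,8 @@
 die("Could not read temporary file");
 } else {
 // Make sure they upload an image and not some other file
-$img_info =getimagesize($_FILES['pictfile']['tmp_name']);
-if($img_info === FALSE){
-die("Unable to determine image type of uploaded file");
-}
-if(($img_info[2] !== IMAGETYPE_GIF) && ($img_info[2] !== IMAGETYPE_JPEG) && ($img_info[2] !== IMAGETYPE_PNG)){
-die("Not a gif/jpg/png");
+if (!is_supported_image($_FILES['pictfile']['tmp_name'])) {
+die("Not a supported image type");
 }
 $picname = basename($_FILES['uploadedfile']['name']);
 $user_settings['widgets'][$wk]['picturewidget'] = "/conf/widget_image";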
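Review bot: The checks at new lines 42 and 80 test truthiness (`empty($pic_type)`, `!is_supported_image(...)`) while services_captiveportal.php in the same commit uses `=== false`; is_supported_image() returns an IMAGETYPE_* constant or `false`, so `if ($pic_type === false) {` here and `if (is_supported_image($_FILES['pictfile']['tmp_name']) === false) {` at line 80 keep all call sites on the same contract instead of relying on no type constant ever being 0. The bail-out at new line 43 still answers with an empty 200 response, as the removed `echo null; exit;` did; sending an explicit error status before `exit` would make a missing or rejected widget image easier to diagnose from the browser or logs. Separately, the context at line 83 names the uploaded file from `$_FILES['uploadedfile']` while the check at line 80 validates `$_FILES['pictfile']`; that mismatch predates this change but is worth confirming against the form. The surrounding blocks start before and end after each of these hunks.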
Image upload validation improvements. Fixes #9804
approved types