aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorz0rglub <z0rglub@piwigo.org>2004-01-24 19:01:41 +0000
committerz0rglub <z0rglub@piwigo.org>2004-01-24 19:01:41 +0000
commitd069762615f75f27fd07c22d3d97b2945483b7be (patch)
tree6d3361bbf3e7295b5381eaf1a7faa42b49a9ee41
parenteedb9e3d6231f7e7b81baf1cc8d1e85eea4600db (diff)
- Php warning correction
- bug 0000002 correction : forbidden characters on file are now checked git-svn-id: http://piwigo.org/svn/branches/release-1_3@315 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--upload.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/upload.php b/upload.php
index 6dc69631f..a67c84902 100644
--- a/upload.php
+++ b/upload.php
@@ -167,7 +167,8 @@ if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
{
array_push( $error, $lang['upload_err_username'] );
}
-
+
+ $date_creation = '';
if ( $_POST['date_creation'] != '' )
{
list( $day,$month,$year ) = explode( '/', $_POST['date_creation'] );
@@ -192,6 +193,14 @@ if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
$xml_infos.= ' date_creation="'.$date_creation.'"';
$xml_infos.= ' name="'.htmlspecialchars( $_POST['name'], ENT_QUOTES).'"';
$xml_infos.= ' />';
+
+ if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $_FILES['picture']['name'] ) )
+ {
+ // reload language file with administration labels
+ $isadmin = true;
+ include( './language/'.$user['language'].'.php' );
+ array_push( $error, $lang['update_wrong_dirname'] );
+ }
if ( sizeof( $error ) == 0 )
{