mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 09:37:42 +01:00
More upload fixes - http://mosquito.wordpress.org/view.php?id=696
git-svn-id: http://svn.automattic.com/wordpress/trunk@2331 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
4bfafda743
commit
5524255aa5
@ -11,6 +11,9 @@ if ($user_level == 0) //Checks to see if user has logged in
|
|||||||
if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the config
|
if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the config
|
||||||
die (__("The admin disabled this function"));
|
die (__("The admin disabled this function"));
|
||||||
|
|
||||||
|
if ( !get_settings('fileupload_minlevel') )
|
||||||
|
die (__("You are not allowed to upload files"));
|
||||||
|
|
||||||
$allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));
|
$allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));
|
||||||
|
|
||||||
if ($_POST['submit']) {
|
if ($_POST['submit']) {
|
||||||
@ -80,11 +83,11 @@ case 'upload':
|
|||||||
$imgalt = basename( (isset($_POST['imgalt'])) ? $_POST['imgalt'] : '' );
|
$imgalt = basename( (isset($_POST['imgalt'])) ? $_POST['imgalt'] : '' );
|
||||||
|
|
||||||
$img1_name = (strlen($imgalt)) ? $imgalt : basename( $_FILES['img1']['name'] );
|
$img1_name = (strlen($imgalt)) ? $imgalt : basename( $_FILES['img1']['name'] );
|
||||||
$img1_name = preg_replace('/[^a-z0-9.]/i', '', $img1_name);
|
$img1_name = preg_replace('/[^a-z0-9_.]/i', '', $img1_name);
|
||||||
$img1_size = $_POST['img1_size'] ? intval($_POST['img1_size']) : intval($_FILES['img1']['size']);
|
$img1_size = $_POST['img1_size'] ? intval($_POST['img1_size']) : intval($_FILES['img1']['size']);
|
||||||
|
|
||||||
$img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $_FILES['img1']['type'];
|
$img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $_FILES['img1']['type'];
|
||||||
$imgdesc = htmlentities2($imgdesc);
|
$imgdesc = htmlentities2($_POST['imgdesc']);
|
||||||
|
|
||||||
$pi = pathinfo($img1_name);
|
$pi = pathinfo($img1_name);
|
||||||
$imgtype = strtolower($pi['extension']);
|
$imgtype = strtolower($pi['extension']);
|
||||||
@ -224,4 +227,4 @@ Name:
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
include('admin-footer.php');
|
include('admin-footer.php');
|
||||||
?>
|
?>
|
Loading…
Reference in New Issue
Block a user