Skip to content

Commit

Permalink
Update filemanager.php
Browse files Browse the repository at this point in the history
  • Loading branch information
condor2 authored Feb 12, 2024
1 parent 790cc5a commit 457e2f3
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions upload/admin/controller/common/filemanager.php
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,7 @@ public function upload(): void {
foreach ($files as $file) {
if (is_file($file['tmp_name'])) {
// Sanitize the filename
$filename = preg_replace('[/\?%*:|"<>]', '', basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8')));
$filename = preg_replace('/[\/\\\\?%*:|"<>]/', '', basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8')));

// Validate the filename length
if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 255)) {
Expand Down Expand Up @@ -323,7 +323,7 @@ public function folder(): void {

if ($this->request->server['REQUEST_METHOD'] == 'POST') {
// Sanitize the folder name
$folder = preg_replace('[/\?%*:|"<>]', '', basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8')));
$folder = preg_replace('/[\/\\\\?%*&:|"<>]/', '', basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8')));

// Validate the filename length
if ((utf8_strlen($folder) < 3) || (utf8_strlen($folder) > 128)) {
Expand Down

0 comments on commit 457e2f3

Please sign in to comment.