diff options
author | Derek Jones <derek.jones@ellislab.com> | 2010-04-22 23:52:18 +0200 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2010-04-22 23:52:18 +0200 |
commit | 616fb0281ba4bd2339accc47c0a94f7034c61a1a (patch) | |
tree | 571d1dc6526b436a57c802707b4f85d5dc031ed9 | |
parent | dcae4490998dc111d265da11507c0dad660eb1b4 (diff) |
reapplied strtolower() to ->file_type from philsturgeon's changeset 5fe3b04bdf44 to standardize input
-rw-r--r-- | system/libraries/Upload.php | 2 | ||||
-rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 751044968..3227c3747 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -190,7 +190,7 @@ class CI_Upload { $this->file_name = $this->_prep_filename($_FILES[$field]['name']); $this->file_size = $_FILES[$field]['size']; $this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $_FILES[$field]['type']); - $this->file_type = trim(stripslashes($this->file_type), '"'); + $this->file_type = strtolower(trim(stripslashes($this->file_type), '"')); $this->file_ext = $this->get_extension($_FILES[$field]['name']); // Convert the file size to kilobytes diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 21b60ace8..6eb036096 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -94,6 +94,7 @@ Hg Tag: </p> <li>Added a <kbd>$xss_clean</kbd> class variable to the XMLRPC library, enabling control over the use of the Security library's <kbd>xss_clean()</kbd> method.</li> <li>Added a <kbd>download()</kbd> method to the <a href="libraries/ftp.html">FTP library</a></li> <li>Changed <kbd>do_xss_clean()</kbd> to return FALSE if the uploaded file fails XSS checks.</li> + <li>Added stripslashes() and trim()ing of double quotes from $_FILES type value to standardize input.</li> </ul> </li> <li>Database |