diff options
author | Phil Sturgeon <email@philsturgeon.co.uk> | 2011-12-02 15:14:09 +0100 |
---|---|---|
committer | Phil Sturgeon <email@philsturgeon.co.uk> | 2011-12-02 15:14:09 +0100 |
commit | 5cb1b5bfa3cf6aea8ea3106658a14ae53c2c8047 (patch) | |
tree | c6bff5442978a46f81431a41ee1e97e08e716646 | |
parent | cceb2063ae42eaee5a1ae7fd07e7054f6c239ae5 (diff) | |
parent | 451aa026e3e82122cdd41cd8574894cc93610010 (diff) |
Merge pull request #733 from narfbg/2.1-stable-upload-hotfix
Hotfix for a bug in the Upload library
-rw-r--r-- | system/libraries/Upload.php | 7 | ||||
-rw-r--r-- | user_guide/changelog.html | 3 |
2 files changed, 7 insertions, 3 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index fe5907ab2..506d15897 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1042,14 +1042,17 @@ class CI_Upload { if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); - return; + if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string + { + return; + } } /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, * which is still more secure than depending on the value of $_FILES[$field]['type']. * * Notes: - * - a 'W' in the substr() expression bellow, would mean that we're using Windows + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check */ if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) diff --git a/user_guide/changelog.html b/user_guide/changelog.html index ae66add33..272db5f37 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -28,7 +28,7 @@ <div id="masthead"> <table cellpadding="0" cellspacing="0" border="0" style="width:100%"> <tr> -<td><h1>CodeIgniter User Guide Version 2.1.0</h1></td> +<td><h1>CodeIgniter User Guide Version 2.1.1</h1></td> <td id="breadcrumb_right"><a href="./toc.html">Table of Contents Page</a></td> </tr> </table> @@ -72,6 +72,7 @@ Change Log <ul> <li>Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.</li> <li>Fixed a bug - form_open() compared $action against site_url() instead of base_url()</li> + <li>Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.</li> </ul> |