diff options
| author | Florian Pritz <bluewind@xssn.at> | 2011-01-18 19:12:36 +0100 |
|---|---|---|
| committer | Florian Pritz <bluewind@xssn.at> | 2011-01-18 19:12:36 +0100 |
| commit | b6b8a6587c399bfd89e13e92ce04ee8486688e6e (patch) | |
| tree | 6479b1bfff401c6f143b2c7e1ba8554adbb233b0 /system/application/controllers | |
| parent | 40b842682fbb4e27031ffdb26709d20f4f9b38e9 (diff) | |
disable do_paste due to bot problems
There are still bots which are able to trick the hidden email field and
they upload phishing pages which let to paste.xinu.at being listed.
Signed-off-by: Florian Pritz <bluewind@xssn.at>
Diffstat (limited to 'system/application/controllers')
| -rw-r--r-- | system/application/controllers/file.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/system/application/controllers/file.php b/system/application/controllers/file.php index adde14927..a11255986 100644 --- a/system/application/controllers/file.php +++ b/system/application/controllers/file.php @@ -124,8 +124,12 @@ class File extends Controller { // support textareas on the upload form // XXX: This requires users of suhosin to adjust maxium post and request size // TODO: merge with do_upload() + // XXX: this is too vulnerable to bots function do_paste() { + // FIXME: disable until bot problem is really fixed + return $this->upload_form(); + $data = array(); $content = $this->input->post('content')."\n"; $extension = $this->input->post('extension'); |