author | Andrey Andreev <narf@bofh.bg> | 2013-01-28 14:05:55 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2013-01-28 14:05:55 +0100 |
commit | 9711b060063e4cd830197ce57e1844aa25d34dff (patch) | |
tree | 631f527147892e1db7be7c32f79c0e39fcc9b37b /system/libraries/Upload.php | |
parent | 606fee0e2e0aa6a906db82e77090e91f133d7378 (diff) | |
parent | 9be4cd74db158d805e0bc04c48c52a6453337c1d (diff) |
Merge pull request #2201 from xeptor/develop
Upload library, clean_file_name function: Fix xss bug.
Diffstat (limited to 'system/libraries/Upload.php')
-rw-r--r-- | system/libraries/Upload.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 96bb17edc..1f0bd6a6e 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1005,7 +1005,14 @@ class CI_Upload {
 '%3d' // =
 );
 
- return stripslashes(str_replace($bad, '', $filename));
+ do
+ {
+ $old_filename = $filename;
+ $filename = str_replace($bad, '', $filename);
+ }
+ while ($old_filename !== $filename);
+
+ return stripslashes($filename);
 }
 
 // -------------------------------------------------------------------- |
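Review bot: The `stripslashes()` call on the new return line still runs after the do/while has reached its fixed point, so a backslash sitting inside an otherwise listed sequence survives the loop and the sequence is re-formed once the slash is stripped. Moving the unescape into the loop closes that gap: `$filename = stripslashes(str_replace($bad, '', $filename));` followed by a plain `return $filename;`. `str_replace()` is also case-sensitive and the one entry visible here (`'%3d'`) is lower-case, so if the rest of `$bad` is written the same way, upper-case percent-encodings pass through unchanged; `str_ireplace()` would cover them. The function and the `$bad` list begin above the hunk, so this is based on the visible lines only.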