summaryrefslogtreecommitdiffstats
path: root/system/libraries/Upload.php
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2011-12-02 15:14:09 +0100
committerPhil Sturgeon <email@philsturgeon.co.uk>2011-12-02 15:14:09 +0100
commit5cb1b5bfa3cf6aea8ea3106658a14ae53c2c8047 (patch)
treec6bff5442978a46f81431a41ee1e97e08e716646 /system/libraries/Upload.php
parentcceb2063ae42eaee5a1ae7fd07e7054f6c239ae5 (diff)
parent451aa026e3e82122cdd41cd8574894cc93610010 (diff)
Merge pull request #733 from narfbg/2.1-stable-upload-hotfix
Hotfix for a bug in the Upload library
Diffstat (limited to 'system/libraries/Upload.php')
-rw-r--r--system/libraries/Upload.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index fe5907ab2..506d15897 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1042,14 +1042,17 @@ class CI_Upload {
if (function_exists('mime_content_type'))
{
$this->file_type = @mime_content_type($file['tmp_name']);
- return;
+ if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string
+ {
+ return;
+ }
}
/* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type,
* which is still more secure than depending on the value of $_FILES[$field]['type'].
*
* Notes:
- * - a 'W' in the substr() expression bellow, would mean that we're using Windows
+ * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
* - many system admins would disable the exec() function due to security concerns, hence the function_exists() check
*/
if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec'))