Merge pull request #2201 from xeptor/develop

Upload library, clean_file_name function: Fix xss bug.
author: Andrey Andreev <narf@bofh.bg> 2013-01-28 14:05:55 +0100
committer: Andrey Andreev <narf@bofh.bg> 2013-01-28 14:05:55 +0100
commit: 9711b060063e4cd830197ce57e1844aa25d34dff (patch)
tree: 631f527147892e1db7be7c32f79c0e39fcc9b37b /system
parent: 606fee0e2e0aa6a906db82e77090e91f133d7378 (diff)
parent: 9be4cd74db158d805e0bc04c48c52a6453337c1d (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 96bb17edc..1f0bd6a6e 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1005,7 +1005,14 @@ class CI_Upload {
 				'%3d'		// =
 			);
 
-		return stripslashes(str_replace($bad, '', $filename));
+		do
+		{
+			$old_filename = $filename;
+			$filename = str_replace($bad, '', $filename);
+		}
+		while ($old_filename !== $filename);
+
+		return stripslashes($filename);
 	}
 
 	// --------------------------------------------------------------------
author	Andrey Andreev <narf@bofh.bg>	2013-01-28 14:05:55 +0100
committer	Andrey Andreev <narf@bofh.bg>	2013-01-28 14:05:55 +0100
commit	9711b060063e4cd830197ce57e1844aa25d34dff (patch)
tree	631f527147892e1db7be7c32f79c0e39fcc9b37b /system
parent	606fee0e2e0aa6a906db82e77090e91f133d7378 (diff)
parent	9be4cd74db158d805e0bc04c48c52a6453337c1d (diff)