diff options
| -rw-r--r-- | system/libraries/Upload.php | 2 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 751044968..3227c3747 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -190,7 +190,7 @@ class CI_Upload { $this->file_name = $this->_prep_filename($_FILES[$field]['name']); $this->file_size = $_FILES[$field]['size']; $this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $_FILES[$field]['type']); - $this->file_type = trim(stripslashes($this->file_type), '"'); + $this->file_type = strtolower(trim(stripslashes($this->file_type), '"')); $this->file_ext = $this->get_extension($_FILES[$field]['name']); // Convert the file size to kilobytes diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 21b60ace8..6eb036096 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -94,6 +94,7 @@ Hg Tag: </p> <li>Added a <kbd>$xss_clean</kbd> class variable to the XMLRPC library, enabling control over the use of the Security library's <kbd>xss_clean()</kbd> method.</li> <li>Added a <kbd>download()</kbd> method to the <a href="libraries/ftp.html">FTP library</a></li> <li>Changed <kbd>do_xss_clean()</kbd> to return FALSE if the uploaded file fails XSS checks.</li> + <li>Added stripslashes() and trim()ing of double quotes from $_FILES type value to standardize input.</li> </ul> </li> <li>Database |