From c78a259b4af7430f237636b5f93d6eb59443a1e2 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 9 Jun 2010 11:45:32 -0500 Subject: Fixed an undefined variable PHP error in the do_xss_clean() method of the Upload library. --- system/libraries/Upload.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/libraries/Upload.php') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 7a5eef0f3..8bdb4be19 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -812,13 +812,13 @@ class CI_Upload { { $current = ini_get('memory_limit') * 1024 * 1024; - // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output - // into scientific notation. number_format() ensures this number is an integer - // http://bugs.php.net/bug.php?id=43053 - - $new_memory = number_format(ceil(filesize($this->new_name) + $current), 0, '.', ''); - - ini_set('memory_limit', $new_memory); // When an integer is used, the value is measured in bytes. - PHP.net + // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output + // into scientific notation. number_format() ensures this number is an integer + // http://bugs.php.net/bug.php?id=43053 + + $new_memory = number_format(ceil(filesize($file) + $current), 0, '.', ''); + + ini_set('memory_limit', $new_memory); // When an integer is used, the value is measured in bytes. - PHP.net } // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but -- cgit v1.2.3-24-g4f1b