PEAK XOOPS - Re: Protector protects from a legitimate upload. in englishin japanese

Top > XOOPS Modules >Protector >Protector protects from a legitimate upload.

Re: Protector protects from a legitimate upload.

List posts in the topic

none Re: Protector protects from a legitimate upload.

msg# 1.8.1
depth:
2
Previous post - Next post | Parent - No child | Posted on 2007/9/22 17:34
GIJOE  ÀèǤ·³Áâ   Posts: 4110
Quote:

vaughan wrotes:
I understand, and from looking at our uploader class (we don't use xoops uploader class, we use a different class for wfdownloads) the $_FILES['filename']['name'] is sanitized with MyTextSanitizer::stripSlashesGPC($_FILES[$media_name]['name'])

which I presume is safe(r);
Is this a joke?
The code just removes wrong effect from magic_quote_gpc.
It's far from "Sanitizing".

Quote:
we leave the choice of whether the user wants to store the uploads outside of the DocumentRoot to the user, but the option is there for the user to upload to whatever path they choose whether it is inside the DocumentRoot or outside the DocumentRoot, they just have to set the path in preferences.
XOOPS_TRUST_PATH/uploads/ is.


Anyway, I cannot check the class because I'll never use it.
(I don't have such spare time)
Votes:1 Average:10.00

Posts tree

  Advanced search

Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!