diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-16 22:27:32 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-16 22:27:32 +0000 |
| commit | 8f11bce904d188b29e180a11113b51fdfade60b0 (patch) | |
| tree | 84c35b64a730dc08f959038e3fa8f782df305c01 /core/helpers/photo.php | |
| parent | 6ceb10424b4dc1bba6cfc1bd3a17c4428ae9c98c (diff) | |
Don't allow photos, albums or movies to have a trailing period to avoid
security problems. Ref http://dev.kohanaphp.com/issues/684).
This plus r20823 resolves ticket #248.
Diffstat (limited to 'core/helpers/photo.php')
| -rw-r--r-- | core/helpers/photo.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/core/helpers/photo.php b/core/helpers/photo.php index 8b0e1eab..9e468116 100644 --- a/core/helpers/photo.php +++ b/core/helpers/photo.php @@ -135,9 +135,12 @@ class photo_Core { $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); $group->input("filename")->label(t("Filename"))->value($photo->name) - ->callback("item::validate_no_slashes") ->error_messages("conflict", t("There is already a file with this name")) - ->error_messages("no_slashes", t("The directory name can't contain the \"/\" character")); + ->callback("item::validate_no_slashes") + ->error_messages("no_slashes", t("The photo name can't contain a \"/\"")) + ->callback("item::validate_no_trailing_period") + ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); + $group->submit("")->value(t("Modify")); $form->add_rules_from(ORM::factory("item")); return $form; |