author | Bharat Mediratta <bharat@menalto.com> | 2013-02-09 10:36:03 -0800 |
---|---|---|
committer | Bharat Mediratta <bharat@menalto.com> | 2013-02-09 10:36:03 -0800 |
commit | 2dc695c6064ca03ddf9cf75825144fff3f80804e (patch) | |
tree | 089fa01a550744a1019273c088088f2ff496df38 /modules/gallery/helpers | |
parent | bc8cd154c5bad64ed13a5c6662e9685fdabe2c79 (diff) | |
parent | 942233dd26a02f86936963e5e7adfea6ae746bba (diff) |
Merge pull request #129 from shadlaws/fix_1996
#1996 - Add blacklist to legal_file helper.
Diffstat (limited to 'modules/gallery/helpers')
-rw-r--r-- | modules/gallery/helpers/legal_file.php | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/modules/gallery/helpers/legal_file.php b/modules/gallery/helpers/legal_file.php
index ab9047c8..9ed564a1 100644
--- a/modules/gallery/helpers/legal_file.php
+++ b/modules/gallery/helpers/legal_file.php
@@ -24,6 +24,8 @@ class legal_file_Core {
 private static $movie_extensions;
 private static $photo_types;
 private static $movie_types;
+ private static $blacklist = array("php", "php3", "php4", "php5", "phtml", "phtm", "shtml", "shtm",
+ "pl", "cgi", "asp", "sh", "py", "c", "js");

 /**
 * Create a default list of allowed photo MIME types paired with their extensions and then let
@@ -38,6 +40,9 @@ class legal_file_Core {
 $types_by_extension_wrapper->types_by_extension = array(
 "jpg" => "image/jpeg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
 module::event("photo_types_by_extension", $types_by_extension_wrapper);
+ foreach (self::$blacklist as $key) {
+ unset($types_by_extension_wrapper->types_by_extension[$key]);
+ }
 self::$photo_types_by_extension = $types_by_extension_wrapper->types_by_extension;
 }
 if ($extension) {
@@ -67,6 +72,9 @@ class legal_file_Core {
 $types_by_extension_wrapper->types_by_extension = array(
 "flv" => "video/x-flv", "mp4" => "video/mp4", "m4v" => "video/x-m4v");
 module::event("movie_types_by_extension", $types_by_extension_wrapper);
+ foreach (self::$blacklist as $key) {
+ unset($types_by_extension_wrapper->types_by_extension[$key]);
+ }
 self::$movie_types_by_extension = $types_by_extension_wrapper->types_by_extension;
 }
 if ($extension) {
@@ -118,7 +126,7 @@ class legal_file_Core {
 $extensions_wrapper = new stdClass();
 $extensions_wrapper->extensions = array_keys(legal_file::get_photo_types_by_extension());
 module::event("legal_photo_extensions", $extensions_wrapper);
- self::$photo_extensions = $extensions_wrapper->extensions;
+ self::$photo_extensions = array_diff($extensions_wrapper->extensions, self::$blacklist);
 }
 if ($extension) {
 // return true if in array, false if not
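Review bot: `$blacklist` in the first hunk is a fixed deny-list with no comment, and which extensions a web server hands to an interpreter depends on its handler configuration, so the list cannot be complete; handlers such as `phar`, `pht`, `jsp` or `aspx` are not covered, for example. I would add a comment above the declaration, `// Extensions that are never accepted, even when a module registers them through the *_types_by_extension or legal_*_extensions events.`, and state there that the list is a second line of defence only. The primary control should be that the directory holding uploaded files is served without script execution. The class body continues outside the hunk.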
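Review bot: The `unset()` loop added after `module::event("photo_types_by_extension", ...)` matches array keys exactly, so an entry a module registers as `"PHP"` or `"Php"` survives the filter; whether the later lookup lowercases `$extension` is not visible in this hunk. Normalising before filtering closes that gap: `$types = array_change_key_case($types_by_extension_wrapper->types_by_extension, CASE_LOWER);` followed by `$types = array_diff_key($types, array_flip(self::$blacklist));`. The same loop is repeated in the movie hunk (`@@ -67,6 +72,9 @@`), and the `array_diff()` calls in the two extension hunks also compare case-sensitively, so one private static helper would keep all four sites consistent. The enclosing functions start and end outside the hunks.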
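Review bot: `array_diff()` in `self::$photo_extensions = array_diff(...)` preserves the keys of its first argument, so once a blacklisted entry is removed the cached array is no longer a 0-based list. A caller that indexes it numerically or serialises it as a list would then see gaps or get a JSON object instead of an array. `self::$photo_extensions = array_values(array_diff($extensions_wrapper->extensions, self::$blacklist));` avoids that, and the movie hunk (`@@ -139,7 +147,7 @@`) needs the same change. How callers consume the array is outside the hunk.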
@@ -139,7 +147,7 @@ class legal_file_Core {
 $extensions_wrapper = new stdClass();
 $extensions_wrapper->extensions = array_keys(legal_file::get_movie_types_by_extension());
 module::event("legal_movie_extensions", $extensions_wrapper);
- self::$movie_extensions = $extensions_wrapper->extensions;
+ self::$movie_extensions = array_diff($extensions_wrapper->extensions, self::$blacklist);
 }
 if ($extension) {
 // return true if in array, false if not |