Diffstat (limited to 'core/helpers/album.php')
-rw-r--r--core/helpers/album.php6
1 files changed, 6 insertions, 0 deletions
diff --git a/core/helpers/album.php b/core/helpers/album.php
index c60527b2..1e0d1f7d 100644
--- a/core/helpers/album.php
+++ b/core/helpers/album.php
@@ -41,6 +41,12 @@ class album_Core {
throw new Exception("@todo NAME_CANNOT_CONTAIN_SLASH");
}
+ // We don't allow trailing periods as a security measure
+ // ref: http://dev.kohanaphp.com/issues/684
+ if (rtrim($name, ".") != $name) {
+ throw new Exception("@todo NAME_CANNOT_END_IN_PERIOD");
+ }
+
$album = ORM::factory("item");
$album->type = "album";
$album->title = $title;
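Review bot: The new trailing-period guard uses loose `!=`, and PHP compares two numeric strings as numbers, so a name such as `2009.` is trimmed to `2009`, compares equal, and passes the check. Make the comparison strict: `if (rtrim($name, ".") !== $name) {`. The comment cites only an issue URL; a short statement of the reason for the rule would help, e.g. `// Names ending in "." are rejected; see the linked issue for the file-system behaviour this guards against`. The enclosing function starts and ends outside the hunk, so it is not visible whether other paths that set an album name (a rename, for instance) apply the same rule.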