- Fix image type check for contact photo uploads

git-svn-id: https://svn.roundcube.net/trunk@5110 208e9e7b-5314-0410-a742-e7e81cd9613c

1 files changed, 8 insertions, 2 deletions

diff --git a/roundcubemail/program/steps/addressbook/upload_photo.inc b/roundcubemail/program/steps/addressbook/upload_photo.inc
index 1ed71f8cb..f0430ae80 100644
--- a/roundcubemail/program/steps/addressbook/upload_photo.inc
+++ b/roundcubemail/program/steps/addressbook/upload_photo.inc
@@ -19,14 +19,20 @@
 
 */
 
+// Supported image format types
+// ImageMagick works with other non-image types (e.g.pdf) we don't want here
+$IMAGE_TYPES = explode(',', 'jpeg,jpg,jp2,tiff,tif,bmp,eps,gif,png,png8,png24,png32,svg,ico'); 
+
 // clear all stored output properties (like scripts and env vars)
 $OUTPUT->reset();
-console($_FILES);
+
 if ($filepath = $_FILES['_photo']['tmp_name']) {
     // check file type and resize image
     $imageprop = rcmail::imageprops($_FILES['_photo']['tmp_name']);
 
-    if ($imageprop['width'] && $imageprop['height']) {
+    if (in_array(strtolower($imageprop['type']), $IMAGE_TYPES)
+	&& $imageprop['width'] && $imageprop['height']
+    ) {
         $maxsize = intval($RCMAIL->config->get('contact_photo_size', 160));
         $tmpfname = tempnam($RCMAIL->config->get('temp_dir'), 'rcmImgConvert');
         $save_hook = 'attachment_upload';