makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Truncate the URI to the size of the database field before we check it to ensure that what is stored in the database is the same as that we checked

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5501 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Graham Eames 2006-01-27 21:23:22 +00:00
parent 1ace2eca07
commit 5384eedd68
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/includes/usercp_avatar.php
View file

@ -100,6 +100,8 @@ function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
$avatar_filename = 'http://' . $avatar_filename; $avatar_filename = 'http://' . $avatar_filename;
} }
$avatar_filename = substr($avatar_filename, 0, 100);
if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) ) if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
{ {
$error = true; $error = true;