Merge pull request #1219 from SamBrishes/patch-010

MIME Type Check for Issue #1218 and #1212
2020-06-29 21:30:46 +02:00 · 2020-06-29 21:30:46 +02:00 · 4282a976a6
commit 4282a976a6
parent b8649d730a eb74980021
4 changed files with 31 additions and 4 deletions
--- a/bl-kernel/ajax/logo-upload.php
+++ b/bl-kernel/ajax/logo-upload.php
@ -24,12 +24,20 @@ if (Text::stringContains($_FILES['inputFile']['name'], DS, false)) {
 // File extension
 $fileExtension = Filesystem::extension($_FILES['inputFile']['name']);
 $fileExtension = Text::lowercase($fileExtension);
-if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
+if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION'])) {
 	$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
 	Log::set($message, LOG_TYPE_ERROR);
 	ajaxResponse(1, $message);
 }

+// File MIME Type
+$fileMimeType = Filesystem::mimeType($_FILES['inputFile']['tmp_name']);
+if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+	$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+	Log::set($message, LOG_TYPE_ERROR);
+	ajaxResponse(1, $message);
+}
+
 // Final filename
 $filename = 'logo.'.$fileExtension;
 if (Text::isNotEmpty( $site->title() )) {
@ -57,4 +65,4 @@ ajaxResponse(0, 'Image uploaded.', array(
 	'absolutePath'=>PATH_UPLOADS.$filename
 ));

-?>
+?>
--- a/bl-kernel/ajax/profile-picture-upload.php
+++ b/bl-kernel/ajax/profile-picture-upload.php
@ -35,6 +35,14 @@ if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
 	ajaxResponse(1, $message);
 }

+// Check file MIME Type
+$fileMimeType = Filesystem::mimeType($_FILES['profilePictureInputFile']['tmp_name']);
+if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+	$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+	Log::set($message, LOG_TYPE_ERROR);
+	ajaxResponse(1, $message);
+}
+
 // Tmp filename
 $tmpFilename = $username.'.'.$fileExtension;

@ -61,4 +69,4 @@ ajaxResponse(0, 'Image uploaded.', array(
 	'absolutePath'=>PATH_UPLOADS_PROFILES.$filename
 ));

-?>
+?>
--- a/bl-kernel/ajax/upload-images.php
+++ b/bl-kernel/ajax/upload-images.php
@ -63,6 +63,14 @@ foreach ($_FILES['images']['name'] as $uuid=>$filename) {
 		ajaxResponse(1, $message);
 	}

+	// Check file MIME Type
+	$fileMimeType = Filesystem::mimeType($_FILES['images']['tmp_name'][$uuid]);
+	if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+		$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+		Log::set($message, LOG_TYPE_ERROR);
+		ajaxResponse(1, $message);
+	}
+
 	// Move from PHP tmp file to Bludit tmp directory
 	Filesystem::mv($_FILES['images']['tmp_name'][$uuid], PATH_TMP.$filename);

@ -84,4 +92,4 @@ ajaxResponse(0, 'Images uploaded.', array(
 	'images'=>$images
 ));

-?>
+?>
--- a/bl-kernel/boot/variables.php
+++ b/bl-kernel/boot/variables.php
@ -108,3 +108,6 @@ $GLOBALS['DB_TAGS_TYPES'] = array('published','static','sticky');

 // Allowed image extensions
 $GLOBALS['ALLOWED_IMG_EXTENSION'] = array('gif', 'png', 'jpg', 'jpeg', 'svg');
+
+// Allowed image mime types
+$GLOBALS['ALLOWED_IMG_MIMETYPES'] = array('image/gif', 'image/png', 'image/jpeg', 'image/svg+xml');