From eb74980021036ded1db4464f57f88190eda2853b Mon Sep 17 00:00:00 2001
From: SamBrishes
Date: Sun, 28 Jun 2020 10:36:41 +0200
Subject: [PATCH] MIME Type Check for Issue #1218 and #1212

MIME Type Check for Issue #1218 and #1212
---
 bl-kernel/ajax/logo-upload.php | 12 ++++++++++--
 bl-kernel/ajax/profile-picture-upload.php | 10 +++++++++-
 bl-kernel/ajax/upload-images.php | 10 +++++++++-
 bl-kernel/boot/variables.php | 3 +++
 4 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/bl-kernel/ajax/logo-upload.php b/bl-kernel/ajax/logo-upload.php
index 84b4363f..c334ca09 100644
--- a/bl-kernel/ajax/logo-upload.php
+++ b/bl-kernel/ajax/logo-upload.php
@@ -24,12 +24,20 @@ if (Text::stringContains($_FILES['inputFile']['name'], DS, false)) {
 // File extension
 $fileExtension = Filesystem::extension($_FILES['inputFile']['name']);
 $fileExtension = Text::lowercase($fileExtension);
-if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
+if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION'])) {
 	$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
 	Log::set($message, LOG_TYPE_ERROR);
 	ajaxResponse(1, $message);
 }
 
+// File MIME Type
+$fileMimeType = Filesystem::mimeType($_FILES['inputFile']['tmp_name']);
+if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+	$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+	Log::set($message, LOG_TYPE_ERROR);
+	ajaxResponse(1, $message);
+}
+
 // Final filename
 $filename = 'logo.'.$fileExtension;
 if (Text::isNotEmpty( $site->title() )) {
@@ -57,4 +65,4 @@ ajaxResponse(0, 'Image uploaded.', array(
 	'absolutePath'=>PATH_UPLOADS.$filename
 ));
 
-?>
\ No newline at end of file
+?>
diff --git a/bl-kernel/ajax/profile-picture-upload.php b/bl-kernel/ajax/profile-picture-upload.php
index 31d49911..22a9dc9f 100644
--- a/bl-kernel/ajax/profile-picture-upload.php
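Review bot: The new check at `if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES']))` is evaluated independently of the extension check above it, so a file whose sniffed type is on the list but does not match its extension (a PNG renamed to `.svg`, say) still passes both gates; the same applies to the hunks in bl-kernel/ajax/profile-picture-upload.php and bl-kernel/ajax/upload-images.php. Requiring the pair to agree is a small change once the allowed list is keyed by extension: `$expectedMimeType = $GLOBALS['ALLOWED_IMG_MIMETYPES'][$fileExtension] ?? null;` followed by `if ($fileMimeType !== $expectedMimeType) {`, and in any case `in_array` here should get `true` as its third argument so the comparison is strict. Because `image/svg+xml` stays on the list, an SVG carrying script or external references passes this content check; if uploads are served inline from PATH_UPLOADS that is a stored-XSS exposure, so either drop svg or serve it with `Content-Disposition: attachment` and a restrictive Content-Security-Policy. `Filesystem::mimeType` is not visible here, so whether it sniffs the file contents (finfo) or derives the type from the name needs confirming — only the former adds anything over the extension check.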
+++ b/bl-kernel/ajax/profile-picture-upload.php
@@ -35,6 +35,14 @@ if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
 	ajaxResponse(1, $message);
 }
 
+// Check file MIME Type
+$fileMimeType = Filesystem::mimeType($_FILES['profilePictureInputFile']['tmp_name']);
+if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+	$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+	Log::set($message, LOG_TYPE_ERROR);
+	ajaxResponse(1, $message);
+}
+
 // Tmp filename
 $tmpFilename = $username.'.'.$fileExtension;
 
@@ -61,4 +69,4 @@ ajaxResponse(0, 'Image uploaded.', array(
 	'absolutePath'=>PATH_UPLOADS_PROFILES.$filename
 ));
 
-?>
\ No newline at end of file
+?>
diff --git a/bl-kernel/ajax/upload-images.php b/bl-kernel/ajax/upload-images.php
index d70ed2ca..a7b190db 100644
--- a/bl-kernel/ajax/upload-images.php
+++ b/bl-kernel/ajax/upload-images.php
@@ -63,6 +63,14 @@ foreach ($_FILES['images']['name'] as $uuid=>$filename) {
 		ajaxResponse(1, $message);
 	}
 
+	// Check file MIME Type
+	$fileMimeType = Filesystem::mimeType($_FILES['images']['tmp_name'][$uuid]);
+	if (!in_array($fileMimeType, $GLOBALS['ALLOWED_IMG_MIMETYPES'])) {
+		$message = $L->g('File mime type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_MIMETYPES']);
+		Log::set($message, LOG_TYPE_ERROR);
+		ajaxResponse(1, $message);
+	}
+
 	// Move from PHP tmp file to Bludit tmp directory
 	Filesystem::mv($_FILES['images']['tmp_name'][$uuid], PATH_TMP.$filename);
 
@@ -84,4 +92,4 @@ ajaxResponse(0, 'Images uploaded.', array(
 	'images'=>$images
 ));
 
-?>
\ No newline at end of file
+?>
diff --git a/bl-kernel/boot/variables.php b/bl-kernel/boot/variables.php
index 38bf08dc..94941f77 100644
--- a/bl-kernel/boot/variables.php
+++ b/bl-kernel/boot/variables.php
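Review bot: Both new checks on this line — `Filesystem::mimeType($_FILES['profilePictureInputFile']['tmp_name'])` in profile-picture-upload.php and `Filesystem::mimeType($_FILES['images']['tmp_name'][$uuid])` in upload-images.php — read `tmp_name` without a visible confirmation that the upload succeeded (`$_FILES[...]['error'] === UPLOAD_ERR_OK`) and that the path is a genuine upload (`is_uploaded_file`); if those checks exist earlier in the files they are outside these hunks, otherwise an empty `tmp_name` reaches the sniffer and the result depends on how `Filesystem::mimeType` treats a missing file. In upload-images.php the check sits inside the per-file `foreach`, directly before `Filesystem::mv(...)`, so when a later file in a batch fails (assuming `ajaxResponse` ends the request, as the existing extension check already relies on), files from earlier iterations have already been moved into PATH_TMP; validating every file before moving any would avoid such partial batches, though that ordering predates this commit. The enclosing foreach begins and ends outside the hunk.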
@@ -108,3 +108,6 @@ $GLOBALS['DB_TAGS_TYPES'] = array('published','static','sticky');
 
 // Allowed image extensions
 $GLOBALS['ALLOWED_IMG_EXTENSION'] = array('gif', 'png', 'jpg', 'jpeg', 'svg');
+
+// Allowed image mime types
+$GLOBALS['ALLOWED_IMG_MIMETYPES'] = array('image/gif', 'image/png', 'image/jpeg', 'image/svg+xml');
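Review bot: `$GLOBALS['ALLOWED_IMG_MIMETYPES']` duplicates `ALLOWED_IMG_EXTENSION` as a second, unlinked list, so adding an extension to one without the other silently rejects every upload of that type, and the three callers have no way to check that a file's extension and its sniffed type agree. A single map keyed by extension serves both purposes, e.g. `$GLOBALS['ALLOWED_IMG_MIMETYPES'] = array('gif'=>'image/gif', 'png'=>'image/png', 'jpg'=>'image/jpeg', 'jpeg'=>'image/jpeg', 'svg'=>'image/svg+xml');` with `array_keys()` yielding the extension list; `implode` and `in_array` on the values keep working. Content sniffers also report SVG inconsistently (an SVG without an XML prolog may come back as text/plain or text/html depending on the libmagic build), so `image/svg+xml` may reject legitimate files while still admitting scriptable ones. A comment such as `// Must stay in sync with ALLOWED_IMG_EXTENSION; svg is XML and can embed script — serve it with Content-Disposition: attachment` would record both caveats next to the list.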