MINOR Merged r73298,r73299,r73301,r73304,r73318 from branches/2.3

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73334 467b73ca-7a2a-4603-9d3b-597d59a354a9
2024-10-22 14:05:37 +02:00 · 2009-03-18 10:16:15 +00:00 · 2009-03-18 10:16:15 +00:00 · 8c2d1beb7e
commit 8c2d1beb7e
parent 44d213e0b2
2 changed files with 16 additions and 3 deletions
--- a/core/control/Director.php
+++ b/core/control/Director.php
@ -90,8 +90,16 @@ class Director {
 	static function direct($url) {
 		// Validate $_FILES array before merging it with $_POST
 		foreach($_FILES as $k => $v) {
-			if($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) {
-				user_error("File upoad '$k' doesn't appear to be a valid upload", E_USER_ERROR);
+			if(is_array($v['tmp_name'])) {
+				foreach($v['tmp_name'] as $tmpFile) {
+					if($tmpFile && !is_uploaded_file($tmpFile)) {
+						user_error("File upload '$k' doesn't appear to be a valid upload", E_USER_ERROR);
+					}
+				}
+			} else {
+				if($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) {
+					user_error("File upload '$k' doesn't appear to be a valid upload", E_USER_ERROR);
+				}
 			}
 		}
 		
--- a/core/model/Image.php
+++ b/core/model/Image.php
@ -478,7 +478,12 @@ class Image_Uploader extends Controller {
 	);
 	
 	static $allowed_actions = array(
-		'*' => 'CMS_ACCESS_CMSMain'
+		'iframe' => 'CMS_ACCESS_CMSMain',
+		'flush' => 'CMS_ACCESS_CMSMain',
+		'save' => 'CMS_ACCESS_CMSMain',
+		'delete' => 'CMS_ACCESS_CMSMain',
+		'EditImageForm' => 'CMS_ACCESS_CMSMain',
+		'DeleteImageForm' => 'CMS_ACCESS_CMSMain'
 	);
 	
 	function init() {