tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

MINOR Merged r73298,r73299,r73301,r73304,r73318 from branches/2.3

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73334 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2009-03-18 10:16:15 +00:00
parent 44d213e0b2
commit 8c2d1beb7e
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/control/Director.php
View File

@ -90,8 +90,16 @@ class Director {
static function direct($url) { static function direct($url) {
// Validate $_FILES array before merging it with $_POST // Validate $_FILES array before merging it with $_POST
foreach($_FILES as $k => $v) { foreach($_FILES as $k => $v) {
if($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) { if(is_array($v['tmp_name'])) {
user_error("File upoad '$k' doesn't appear to be a valid upload", E_USER_ERROR); foreach($v['tmp_name'] as $tmpFile) {
if($tmpFile && !is_uploaded_file($tmpFile)) {
user_error("File upload '$k' doesn't appear to be a valid upload", E_USER_ERROR);
}
}
} else {
if($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) {
user_error("File upload '$k' doesn't appear to be a valid upload", E_USER_ERROR);
}
} }
} }

7
core/model/Image.php
View File

@ -478,7 +478,12 @@ class Image_Uploader extends Controller {
); );
static $allowed_actions = array( static $allowed_actions = array(
'*' => 'CMS_ACCESS_CMSMain' 'iframe' => 'CMS_ACCESS_CMSMain',
'flush' => 'CMS_ACCESS_CMSMain',
'save' => 'CMS_ACCESS_CMSMain',
'delete' => 'CMS_ACCESS_CMSMain',
'EditImageForm' => 'CMS_ACCESS_CMSMain',
'DeleteImageForm' => 'CMS_ACCESS_CMSMain'
); );
function init() { function init() {