Fixed a possible security issue with uploaded files
@@ -9,6 +9,7 @@ $Source$
|
||||
* index.php3; libraries/common.lib.php3; libraries/defines.lib.php3;
|
||||
libraries/grab_globals.lib.php3; libraries/select_lang.lib.php3:
|
||||
taken into account the new $_* globals arrays defined with php 4.1+.
|
||||
* read_dump.php3, lines 131-152 & 217: fixed a possible security issue.
|
||||
|
||||
2001-11-24 Lo<4C>c Chapeaux <lolo@phpheaven.net>
|
||||
* main.php3, line 200: fixed bug #485116 - No logout option for users.
|
||||
|
@@ -128,6 +128,30 @@ function PMA_splitSqlFile(&$ret, $sql, $release)
|
||||
} // end of the 'PMA_splitSqlFile()' function
|
||||
|
||||
|
||||
if (!function_exists('is_uploaded_file')) {
|
||||
/**
|
||||
* Emulates the 'is_uploaded_file()' function for old php versions.
|
||||
* Grabbed at the php manual:
|
||||
* http://www.php.net/manual/en/features.file-upload.php
|
||||
*
|
||||
* @param string the name of the file to check
|
||||
*
|
||||
* @return boolean wether the file has been uploaded or not
|
||||
*
|
||||
* @access public
|
||||
*/
|
||||
function is_uploaded_file($filename) {
|
||||
if (!$tmp_file = @get_cfg_var('upload_tmp_dir')) {
|
||||
$tmp_file = dirname(tempnam('', ''));
|
||||
}
|
||||
$tmp_file .= '/' . basename($filename);
|
||||
|
||||
// User might have trailing slash in php.ini...
|
||||
return (ereg_replace('/+', '/', $tmp_file) == $filename);
|
||||
} // end of the 'is_uploaded_file()' emulated function
|
||||
} // end if
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Increases the max. allowed time to run a script
|
||||
@@ -190,7 +214,7 @@ if (!empty($id_bookmark)) {
|
||||
*/
|
||||
// Gets the query from a file if required
|
||||
if ($sql_file != 'none') {
|
||||
if (file_exists($sql_file)) {
|
||||
if (file_exists($sql_file) && is_uploaded_file($sql_file)) {
|
||||
$sql_query = fread(fopen($sql_file, 'r'), filesize($sql_file));
|
||||
if (get_magic_quotes_runtime() == 1) {
|
||||
$sql_query = stripslashes($sql_query);
|
||||
|
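Review bot: The emulated `is_uploaded_file()` added in the second hunk only compares the given path with the upload temp directory plus the file's basename, so any existing file that sits directly in that directory passes the new `file_exists($sql_file) && is_uploaded_file($sql_file)` test, not only a file PHP received with this request. On PHP versions that lack the native function the check is therefore weaker than its name suggests, which matters if `$sql_file` is request-controlled (its origin is not visible in the hunk) and the temp directory is shared with other data. The docblock should say so, for example `* NOTE: only verifies the file's location, not that PHP received it as an upload.`. Separately, the fallback `dirname(tempnam('', ''))` creates a temp file on every call and never removes it; keep the name and delete it: `$probe = tempnam('', ''); $tmp_file = dirname($probe); @unlink($probe);`.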