Created September 12, 2016 06:09
Improve the security of the frontend upload in the plugin WooCommerce Extra Product Options - it can be exploited!!
```php
// Find this file: class-tm-epo-fields-upload.php
// Find this line:
//     $upload = TM_EPO()->upload_file( $_FILES[ $this->attribute ] );
// Replace it with the following snippet.

// Only hand the upload to the plugin when its (last) extension is an allowed image type.
$ext = strtolower( pathinfo( $_FILES[ $this->attribute ]['name'], PATHINFO_EXTENSION ) );
if ( in_array( $ext, array( 'jpg', 'png', 'gif', 'bmp' ) ) ) {
    $upload = TM_EPO()->upload_file( $_FILES[ $this->attribute ] );
} else {
    $upload['error'] = sprintf(
        __( '%s is not a valid image file!', 'woocommerce-tm-extra-product-options' ),
        $_FILES[ $this->attribute ]['name']
    );
}
```
This is for testing purposes; it only checks the file type at the end, which means that if the hacker tries to rename a file to .php.jpg, it will allow the hacker to upload that file.
If you really care about it, please check MIME types: that will check the MIME type of a file, and if it matches your allowed MIME types, then allow the upload.
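The validator below is an added example, not code from the gist or from the WooCommerce plugin; it combines the extension whitelist from the snippet with the MIME check the comment asks for, and stores the file under a generated name so the original filename never reaches disk. The function name tm_epo_validate_image_upload() is hypothetical.

```php
<?php
// Added example, not code from the gist or from the WooCommerce plugin.
// tm_epo_validate_image_upload() is a hypothetical name. $file is one entry of
// $_FILES (keys 'name', 'tmp_name', 'error'). Returns array('error' => msg) on
// rejection, or array('ext' => $ext, 'safe_name' => $name) when the upload is
// an image of an allowed type and may be handed to the real upload routine.
function tm_epo_validate_image_upload( array $file ) {
    // Allowed extensions and the MIME types libmagic may report for each.
    $allowed = array(
        'jpg'  => array( 'image/jpeg' ),
        'jpeg' => array( 'image/jpeg' ),
        'png'  => array( 'image/png' ),
        'gif'  => array( 'image/gif' ),
        'bmp'  => array( 'image/bmp', 'image/x-ms-bmp' ),
    );

    if ( ! isset( $file['error'] ) || $file['error'] !== UPLOAD_ERR_OK
        || ! isset( $file['tmp_name'] ) || ! is_uploaded_file( $file['tmp_name'] ) ) {
        return array( 'error' => 'Upload failed.' );
    }

    // 1. Extension check. pathinfo() returns only the LAST extension, so a name
    //    like "x.php.jpg" passes this step; steps 2-4 are what make it safe.
    $orig = basename( $file['name'] );
    $ext  = strtolower( pathinfo( $orig, PATHINFO_EXTENSION ) );
    if ( ! isset( $allowed[ $ext ] ) ) {
        return array( 'error' => sprintf( '%s is not a valid image file!', $orig ) );
    }

    // 2. MIME check on the bytes, not the name: finfo reads the file's magic header.
    $finfo = new finfo( FILEINFO_MIME_TYPE );
    $mime  = $finfo->file( $file['tmp_name'] );
    if ( ! in_array( $mime, $allowed[ $ext ], true ) ) {
        return array( 'error' => sprintf( '%s is not a valid image file!', $orig ) );
    }

    // 3. The content must also parse as an image (a faked header alone fails here).
    $info = @getimagesize( $file['tmp_name'] );
    if ( $info === false || ! in_array( $info['mime'], $allowed[ $ext ], true ) ) {
        return array( 'error' => sprintf( '%s is not a valid image file!', $orig ) );
    }

    // 4. Never store under the user-supplied name: a random name with the
    //    validated extension leaves nothing for a double-extension trick to use.
    $safe = bin2hex( random_bytes( 16 ) ) . '.' . $ext;
    return array( 'ext' => $ext, 'safe_name' => $safe );
}
```

In the plugin file this would be called in place of the bare extension test, with `$upload['error']` set from the returned error and `TM_EPO()->upload_file()` invoked only when no error is returned. Inside WordPress, `wp_check_filetype_and_ext()` performs a comparable name-versus-content check and can be used instead of steps 2 and 3.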