kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

detecting access right problem in browser upload

This commit is contained in:
Benjamin Sonntag 2010-06-24 00:11:01 +00:00
parent 0cbb58153d
commit 6ddf9fe6d6
3 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
bureau/class/m_bro.php
View File

@ -512,11 +512,16 @@ class m_bro {
if (!strpos($_FILES['userfile']['name'],"/")) {
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
if (!file_exists($absolute."/".$_FILES['userfile']['name'])) {
touch($absolute."/".$_FILES['userfile']['name']);
@touch($absolute."/".$_FILES['userfile']['name']);
}
move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name']);
if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $absolute."/".$_FILES['userfile']['name'])) {
return $absolute."/".$_FILES['userfile']['name'];
} else {
$err->raise("bro",3);
return false;
}
} else {
$err->log("bro","uploadfile","Tentative d'attaque : ".$_FILES['userfile']['tmp_name']);
$err->log("bro","uploadfile","Tentative d'attaque : ".$_FILES['userfile']['tmp_name']);
return false;
}
}

3
bureau/locales/en_US/LC_MESSAGES/manual.po
View File

@ -681,6 +681,9 @@ msgstr "File or folder name is incorrect"
msgid "err_bro_2"
msgstr "You cannot move or copy a file to the same folder"
msgid "err_bro_3"
msgstr "You don't have the right to write into this folder. Please check the access rights."
#. If we manage your DNS <br />You can manage your mails elsewhere if you want
#. (MX field).<br />Write <b><code>%s</code></b> in this field if your mail
#. must be managed by %s<br />or put the IP address or name of the mail server

4
bureau/locales/fr_FR/LC_MESSAGES/manual.po
View File

@ -728,6 +728,10 @@ msgstr "R
msgid "err_bro_2"
msgstr "Vous ne pouvez pas déplacer un fichier dans le même répertoire !"
#. Right incorrect
msgid "err_bro_3"
msgstr "Vous n'avez pas le droit d'écrire dans ce répertoire. Vérifiez les droits d'accès !"
#. If we manage your DNS <br />You can manage your mails elsewhere if you want
#. (MX field).<br />Write <b><code>%s</code></b> in this field if your mail
#. must be managed by %s<br />or put the IP address or name of the mail server