From 1bfceb99dd69311c4e7fd9f8f9f5f21d70e7dc6f Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Fri, 21 Dec 2018 11:16:15 +0100
Subject: [PATCH] FIX #9198 remove file if it is unauthorized

---
 .../content_management/applet_controller.php | 33 ++++++++++---------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/modules/content_management/applet_controller.php b/modules/content_management/applet_controller.php
index 3032d8c1f9b..4d536c19555 100755
--- a/modules/content_management/applet_controller.php
+++ b/modules/content_management/applet_controller.php
@@ -282,33 +282,34 @@ if (!empty($_REQUEST['action'])
  fwrite($inF, $fileContent);
  fclose($inF);
- //Récupération de la version pdf du document
- if ($_SESSION['modules_loaded']['attachments']['convertPdf'] == "true" && ($objectType == 'attachmentFromTemplate' || $objectType == 'attachment' || $objectType == 'attachmentUpVersion' || $objectType == 'attachmentVersion' || $objectType == 'attachmentMailing' || $objectType == 'outgoingMail' || $objectType == 'resourceEdit' || $objectType == 'transmission' || $objectType == 'newAttachment') && isset($_REQUEST['pdfContent'])) {
- $pdfEncodedContent = str_replace(
- ' ',
- '+',
- $_REQUEST['pdfContent']
- );
- $pdfContent = base64_decode($pdfEncodedContent);
- //copy file on Maarch tmp dir
- $tmpFilePdfName = 'cm_tmp_file_pdf_' . $_SESSION['user']['UserId']
- . '_' . rand() . '.pdf';
- $inFpdf = fopen($_SESSION['config']['tmppath'] . $tmpFilePdfName, 'w');
- fwrite($inFpdf, $pdfContent);
- fclose($inFpdf);
- }
- 
  $arrayIsAllowed = array();
  $arrayIsAllowed = Ds_isFileTypeAllowed(
  $_SESSION['config']['tmppath'] . $tmpFileName
  );
  if ($arrayIsAllowed['status'] == false) {
+ unlink($_SESSION['config']['tmppath'] . $tmpFileName);
  $result = array(
  'ERROR' => _WRONG_FILE_TYPE . ' ' . $arrayIsAllowed['mime_type']
  );
  createXML('ERROR', $result);
  } else {
+ //Récupération de la version pdf du document
+ if ($_SESSION['modules_loaded']['attachments']['convertPdf'] == "true" && ($objectType == 'attachmentFromTemplate' || $objectType == 'attachment' || $objectType == 'attachmentUpVersion' || $objectType == 'attachmentVersion' || $objectType == 'attachmentMailing' || $objectType == 'outgoingMail' || $objectType == 'resourceEdit' || $objectType == 'transmission' || $objectType == 'newAttachment') && isset($_REQUEST['pdfContent'])) {
+ $pdfEncodedContent = str_replace(
+ ' ',
+ '+',
+ $_REQUEST['pdfContent']
+ );
+ $pdfContent = base64_decode($pdfEncodedContent);
+ //copy file on Maarch tmp dir
+ $tmpFilePdfName = 'cm_tmp_file_pdf_' . 
$_SESSION['user']['UserId']
+ . '_' . rand() . '.pdf';
+ $inFpdf = fopen($_SESSION['config']['tmppath'] . $tmpFilePdfName, 'w');
+ fwrite($inFpdf, $pdfContent);
+ fclose($inFpdf);
+ }
+ 
  //depending on the type of object, the action is not the same (???)
  if ($objectType == 'resource') {
  include 'modules/content_management/save_new_version_from_cm.php';

-- GitLab
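Review bot: The PDF sidecar written in the moved block (`$inFpdf = fopen($_SESSION['config']['tmppath'] . $tmpFilePdfName, 'w')`) still takes its bytes straight from `$_REQUEST['pdfContent']` and is never passed through `Ds_isFileTypeAllowed`, so the allow-list that this hunk now enforces and cleans up after for `$tmpFileName` does not cover the second file placed in `tmppath`. Moving the block under the `else` only makes the PDF write conditional on the primary file being accepted; the PDF content itself is written unchecked. A consistent fix runs the same check on the sidecar after `fclose($inFpdf)` and unlinks it on failure (sketched below; the `include` that follows in this `else` branch would also have to be skipped on that path, which the hunk does not show how to do), and the `fopen` result should be tested for `false` before `fwrite`. The file name also derives from `rand()`, which is predictable for a shared temp directory; `tempnam($_SESSION['config']['tmppath'], 'cm_tmp_file_pdf_')` yields a unique name instead. The enclosing `if (!empty($_REQUEST['action'])` block and the `else` branch both continue outside the hunk.
```php
// … unchanged: convertPdf / $objectType condition, base64 decoding, fopen/fwrite …
fclose($inFpdf);
// Apply the same allow-list to the sidecar as to $tmpFileName
$pdfIsAllowed = Ds_isFileTypeAllowed($_SESSION['config']['tmppath'] . $tmpFilePdfName);
if ($pdfIsAllowed['status'] == false) {
    unlink($_SESSION['config']['tmppath'] . $tmpFilePdfName);
    $result = array(
        'ERROR' => _WRONG_FILE_TYPE . ' ' . $pdfIsAllowed['mime_type']
    );
    createXML('ERROR', $result);
    // TODO(review): the include below this branch must not run on this path
}
```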