gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 07:04:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

remove all chars not in [0-9a-f-] from post var qquuid

Browse Source
This commit is contained in:
Uwe Steinmann 2018-06-27 18:53:13 +02:00
parent 952a1ad1fa
commit 384d1f58b5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
op/op.UploadChunks.php
View File

@ -35,7 +35,7 @@ include("../inc/inc.Authentication.php");
$file_param_name = 'qqfile';
$file_name = $_FILES[ $file_param_name ][ 'name' ];
$source_file_path = $_FILES[ $file_param_name ][ 'tmp_name' ];
$fileId = $_POST['qquuid'];
$fileId = preg_replace('/[^0-9a-f-]+/', '', $_POST['qquuid']);
$partitionIndex = (int) $_POST['qqpartindex'];
$totalparts = (int) $_POST['qqtotalparts'];
$target_file_path =$settings->_stagingDir.$fileId."-".$partitionIndex;