gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-06-15 17:49:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2020-11-24 17:48:37 +01:00
commit 5e8de41b2e
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG
View File

@ -197,7 +197,9 @@
- saving the settings will no longer reenable an extention with no configuration - saving the settings will no longer reenable an extention with no configuration
- put a red/green bullet before the extension name in the settings - put a red/green bullet before the extension name in the settings
- escape value of dropfolderfile in input form field created by - escape value of dropfolderfile in input form field created by
SeedDMS_Bootstrap_Style::getDropFolderChooserHtml() (CVE-2020-2872) SeedDMS_Bootstrap_Style::getDropFolderChooserHtml() (CVE-2020-28726)
- prevent cross site scripting in views/bootstrap/class.DropFileChooser.php
folderid wasn't checked propperly for being an integer (CVE-2020-28727)
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.20 Changes in version 5.1.20

4
views/bootstrap/class.DropFolderChooser.php
View File

@ -61,7 +61,7 @@ $('.folderselect').click(function(ev) {
$previewwidth = $this->params['previewWidthMenuList']; $previewwidth = $this->params['previewWidthMenuList'];
$timeout = $this->params['timeout']; $timeout = $this->params['timeout'];
$xsendfile = $this->params['xsendfile']; $xsendfile = $this->params['xsendfile'];
$folderid = isset($_GET['folderid']) ? $_GET['folderid'] : 0; $folder = $this->params['folder'];
$previewer = new SeedDMS_Preview_Previewer($cachedir, $previewwidth, $timeout, $xsendfile); $previewer = new SeedDMS_Preview_Previewer($cachedir, $previewwidth, $timeout, $xsendfile);
@ -82,7 +82,7 @@ $('.folderselect').click(function(ev) {
$c++; $c++;
$mimetype = finfo_file($finfo, $dir.'/'.$entry); $mimetype = finfo_file($finfo, $dir.'/'.$entry);
if(file_exists($dir.'/'.$entry)) { if(file_exists($dir.'/'.$entry)) {
$filecontent .= "<li><a".($folderid ? " href=\"../out/out.AddDocument.php?folderid=".$folderid."&dropfolderfileform1=".urldecode($entry)."\" title=\"".getMLText('menu_upload_from_dropfolder')."\"" : "").">"; $filecontent .= "<li><a".($folder ? " href=\"../out/out.AddDocument.php?folderid=".$folder->getId()."&dropfolderfileform1=".urldecode($entry)."\" title=\"".getMLText('menu_upload_from_dropfolder')."\"" : "").">";
if($previewwidth) { if($previewwidth) {
$previewer->createRawPreview($dir.'/'.$entry, 'dropfolder/', $mimetype); $previewer->createRawPreview($dir.'/'.$entry, 'dropfolder/', $mimetype);
if($previewer->hasRawPreview($dir.'/'.$entry, 'dropfolder/')) { if($previewer->hasRawPreview($dir.'/'.$entry, 'dropfolder/')) {