From a62d029d7d7ee744d40e57704f7c99f193f0718d Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Wed, 1 Mar 2023 21:37:18 +0100
Subject: [PATCH] Disable non secured feature
---
 htdocs/core/ajax/fileupload.php | 6 +++-
 htdocs/core/class/fileupload.class.php | 38 ++++++++++++++++++++++++--
 2 files changed, 41 insertions(+), 3 deletions(-)
diff --git a/htdocs/core/ajax/fileupload.php b/htdocs/core/ajax/fileupload.php
index 67f95700976..379a2e689a3 100644
--- a/htdocs/core/ajax/fileupload.php
+++ b/htdocs/core/ajax/fileupload.php
@@ -45,9 +45,13 @@ error_reporting(E_ALL | E_STRICT);
 $fk_element = GETPOST('fk_element', 'int');
 $element = GETPOST('element', 'alpha');
- $upload_handler = new FileUpload(null, $fk_element, $element);
+// Feature not enabled. Warning feature not used and not secured so disabled.
+if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+}
+
 /*
 * View
diff --git a/htdocs/core/class/fileupload.class.php b/htdocs/core/class/fileupload.class.php
index ccea7de2d84..5a8e75b1e69 100644
--- a/htdocs/core/class/fileupload.class.php
+++ b/htdocs/core/class/fileupload.class.php
@@ -46,6 +46,12 @@ class FileUpload
 global $db, $conf;
 global $object;
 global $hookmanager;
+
+ // Feature not enabled. Warning feature not used and not secured so disabled.
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $hookmanager->initHooks(array('fileupload'));
 $this->fk_element = $fk_element;
@@ -238,6 +244,10 @@ class FileUpload
 */
 protected function getFileObject($file_name)
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $file_path = $this->options['upload_dir'].$file_name;
 if (is_file($file_path) && $file_name[0] !== '.') {
 $file = new stdClass();
@@ -278,6 +288,10 @@ class FileUpload
 {
 global $maxwidthmini, $maxheightmini;
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $file_path = $this->options['upload_dir'].$file_name;
 $new_file_path = $options['upload_dir'].$file_name;
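Review bot: The removed line `$upload_handler = new FileUpload(null, $fk_element, $element);` is the only deletion this file receives (diffstat: 5 insertions, 1 deletion, all inside this hunk), so once `MAIN_USE_JQUERY_FILEUPLOAD` is switched on, the dispatch code below the hunk, which presumably still calls methods on `$upload_handler`, runs against an undefined variable. Re-create the handler after the new guard: `$upload_handler = new FileUpload(null, $fk_element, $element);`. The bare `return;` also answers a disabled endpoint with an empty 200 response; emitting `http_response_code(403);` just before it makes the refusal visible to clients and in access logs. The rest of the script is outside the hunk.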
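Review bot: The `return;` added at the top of the constructor leaves the `FileUpload` instance half-built — the statements after it (`$hookmanager->initHooks(array('fileupload'));`, `$this->fk_element = $fk_element;` and presumably whatever fills `$this->options`, which later hunks read) never run — which is why the same `getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')` check has to be repeated in getFileObject (hunk -238), the method at hunk -278 (its signature is outside that hunk), validate, handleFileUpload, get, post and delete. A constructor that fails loudly, `throw new Exception('MAIN_USE_JQUERY_FILEUPLOAD is disabled');`, would make a disabled instance unobtainable, let the per-method guards go, and avoid each guarded method silently returning null where its callers may expect a bool (`validate` visibly returns `false` on error) or a response. If the per-method guards are kept, a short comment on each, `// Feature disabled: see constructor`, would at least tie them to one place. The constructor body continues outside the hunk.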
@@ -309,6 +323,10 @@ class FileUpload
 */
 protected function validate($uploaded_file, $file, $error, $index)
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 if ($error) {
 $file->error = $error;
 return false;
@@ -399,8 +417,8 @@ class FileUpload
 // Also remove control characters and spaces (\x00..\x20) around the filename:
 $file_name = trim(basename(stripslashes($name)), ".\x00..\x20");
 // Add missing file extension for known image types:
- if (strpos($file_name, '.') === false &&
- preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
+ $matches = array();
+ if (strpos($file_name, '.') === false && preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
 $file_name .= '.'.$matches[1];
 }
 if ($this->options['discard_aborted_uploads']) {
@@ -424,6 +442,10 @@ class FileUpload
 */
 protected function handleFileUpload($uploaded_file, $name, $size, $type, $error, $index)
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $file = new stdClass();
 $file->name = $this->trimFileName($name, $type, $index);
 $file->mime = dol_mimetype($file->name, '', 2);
@@ -470,6 +492,10 @@ class FileUpload
 */
 public function get()
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $file_name = isset($_REQUEST['file']) ? basename(stripslashes($_REQUEST['file'])) : null;
 if ($file_name) {
@@ -488,6 +514,10 @@ class FileUpload
 */
 public function post()
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') {
 return $this->delete();
 }
@@ -543,6 +573,10 @@ class FileUpload
 */
 public function delete()
 {
+ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
+ return;
+ }
+
 $file_name = isset($_REQUEST['file']) ? basename(stripslashes($_REQUEST['file'])) : null;
 $file_path = $this->options['upload_dir'].$file_name;
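Review bot: The added `$matches = array();` before the merged `preg_match` condition is redundant — `preg_match` populates its third argument whether or not the pattern matches — so the line is mostly noise, and the thing worth documenting on that condition is that `$type` is the MIME type passed in with the upload (presumably the client-side type hint), so the extension appended to `$file_name` reflects what the client claims rather than the file content. A comment such as `// $type is client-supplied; this only adds a default extension and does not validate content` would make that explicit for whoever relies on `$file_name` further down. The enclosing method starts and ends outside the hunk.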
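Review bot: In the `post()` hunk the delete path is selected by `$_REQUEST['_method'] === 'DELETE'`, and `$_REQUEST` merges the query string and cookies with the POST body, so the override can arrive outside the form submission itself; if this feature is ever re-enabled, read it from the body only, `if (isset($_POST['_method']) && $_POST['_method'] === 'DELETE')`, and make sure the delete branch is covered by a CSRF token check. The guard above it does not change this, since it only short-circuits while the feature is off. The rest of `post()` is outside the hunk.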