aboutsummaryrefslogtreecommitdiffstats
path: root/mayor-orig/mayor-base
diff options
context:
space:
mode:
authorM.Gergo2020-03-31 19:40:35 +0200
committerM.Gergo2020-03-31 19:40:35 +0200
commit0ba1d0c88b25762d4acb0f4b5425778f0cbc76a9 (patch)
tree967d5c6f8477b2871ae022b9bd56fc9697af4bbd /mayor-orig/mayor-base
parent2f564886b387ecd47ce4f88cabb26a706a32c56c (diff)
parent4c6b313fae97ccb7eaae75b5d05881f10469e13d (diff)
downloadmayor-0ba1d0c88b25762d4acb0f4b5425778f0cbc76a9.tar.gz
mayor-0ba1d0c88b25762d4acb0f4b5425778f0cbc76a9.zip
Merge branch 'MaYor-dev'
Az eddigi fejlesztések a forrásból -> (devel@mayor.hu)
Diffstat (limited to 'mayor-orig/mayor-base')
-rw-r--r--mayor-orig/mayor-base/log/mayor-base.rev2
-rw-r--r--mayor-orig/mayor-base/www/include/share/net/upload.php15
2 files changed, 16 insertions, 1 deletions
diff --git a/mayor-orig/mayor-base/log/mayor-base.rev b/mayor-orig/mayor-base/log/mayor-base.rev
index 7ea43f6c..ff844583 100644
--- a/mayor-orig/mayor-base/log/mayor-base.rev
+++ b/mayor-orig/mayor-base/log/mayor-base.rev
@@ -1 +1 @@
-4638
+4644
diff --git a/mayor-orig/mayor-base/www/include/share/net/upload.php b/mayor-orig/mayor-base/www/include/share/net/upload.php
index d58708ed..0d50d34e 100644
--- a/mayor-orig/mayor-base/www/include/share/net/upload.php
+++ b/mayor-orig/mayor-base/www/include/share/net/upload.php
@@ -49,12 +49,27 @@ try {
// You should name it uniquely.
// DO NOT USE $_FILES['upfile']['name'] WITHOUT ANY VALIDATION !!
// On this example, obtain safe unique name from its binary data.
+
+ // define('CLAMAV_ENABLED',true);
+ if (CLAMAV_ENABLED === true) {
+ $safePath = escapeshellarg($_FILES['upfile']['tmp_name']);
+ $command = "clamdscan --quiet --stdout --fdpass ".$safePath." --remove"; // --remove
+ $out = '';
+ $int = -1;
+ exec($command, $out, $int);
+ if ($int!==0) {
+ if (file_exists($safePath)) unlink($safePath);
+ throw new RuntimeException('Szerintünk ez vírusos!!!');
+ }
+ }
+
if (!move_uploaded_file($_FILES['upfile']['tmp_name'],$ADAT['subdir'].'/'.$ADAT['filename'])) {
throw new RuntimeException('Nem tudtuk átmozgatni. Van jogunk írni a célkönyvtárba?');
}
} catch (RuntimeException $e) {
$_SESSION['alert'][] = 'info::'.$e->getMessage();
+ return false;
}
return true;