scratch

Subversion Repositories:
Compare Path: Rev
With Path: Rev
?path1? @ 15  →  ?path2? @ 16
/quickload/upload.php
@@ -25,7 +25,8 @@
 
#### If the extension is not allowed then change it to a text extension.
if (!isset($fileExtension) ||
!in_array(strtoupper($fileExtension), $ALLOWED_FILE_EXTENSIONS))
!in_array(strtoupper($fileExtension),
array_map('strtoupper', $ALLOWED_FILE_EXTENSIONS)))
$fileExtension = 'txt';
#### Hash filename.
@@ -54,7 +55,7 @@
 
#### Check for path traversals
$pathPart = pathinfo($userPath);
if (realpath($pathPart['dirname']) != realpath($STORE_FOLDER))
if (strcasecmp(realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
return;
 
#### Store the file.