Fixed 3 sinks which caused XSS in filename (#511)
Co-authored-by: Vaibhav Shinde <vaibhavkshinde20@gmail.com>
This commit is contained in:
parent
95147f5828
commit
03c3f6d7f9
@ -1989,11 +1989,11 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
<?php
if (in_array(strtolower(pathinfo($f, PATHINFO_EXTENSION)), array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg'))): ?>
<?php $imagePreview = fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f); ?>
<a href="<?php echo $filelink ?>" data-preview-image="<?php echo $imagePreview ?>" title="<?php echo $f ?>">
<a href="<?php echo $filelink ?>" data-preview-image="<?php echo $imagePreview ?>" title="<?php echo fm_enc($f) ?>">
<?php else: ?>
<a href="<?php echo $filelink ?>" title="<?php echo $f ?>">
<?php endif; ?>
<i class="<?php echo $img ?>"></i> <?php echo fm_convert_win($f) ?>
<i class="<?php echo $img ?>"></i> <?php echo fm_convert_win(fm_enc($f)) ?>
</a>
<?php echo($is_link ? ' → <i>' . readlink($path . '/' . $f) . '</i>' : '') ?>
</div>
|
@ -2008,7 +2008,7 @@ $tableTheme = (FM_THEME == "dark") ? "text-white bg-dark table-dark" : "bg-white
<td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td>
<?php endif; ?>
<td class="inline-actions">
<a title="<?php echo lng('Preview') ?>" href="<?php echo $filelink.'&quickView=1'; ?>" data-toggle="lightbox" data-gallery="tiny-gallery" data-title="<?php echo fm_convert_win($f) ?>" data-max-width="100%" data-width="100%"><i class="fa fa-eye"></i></a>
<a title="<?php echo lng('Preview') ?>" href="<?php echo $filelink.'&quickView=1'; ?>" data-toggle="lightbox" data-gallery="tiny-gallery" data-title="<?php echo fm_convert_win(fm_enc($f)) ?>" data-max-width="100%" data-width="100%"><i class="fa fa-eye"></i></a>
<?php if (!FM_READONLY): ?>
<a title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="return confirm('<?php echo lng('Delete').' '.lng('File').'?'; ?>\n \n ( <?php echo urlencode($f) ?> )');"> <i class="fa fa-trash-o"></i></a>
<a title="<?php echo lng('Rename') ?>" href="#" onclick="rename('<?php echo fm_enc(FM_PATH) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o"></i></a>
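Review bot: The `title` attribute in the non-image branch of the first hunk, `<a href="<?php echo $filelink ?>" title="<?php echo $f ?>">`, still echoes `$f` unencoded even though the image branch directly above it was changed to `fm_enc($f)`, so the same filename reaches an HTML attribute raw on the non-image path; it should read `title="<?php echo fm_enc($f) ?>"`. The symlink target on the `readlink($path . '/' . $f)` line of the same hunk is likewise written into the `<i>` element without encoding, and wrapping it as `fm_enc(readlink($path . '/' . $f))` would keep it consistent with the rest of the row, assuming `fm_enc` is the HTML-escaping helper used on the neighbouring lines. The enclosing template block starts before the first hunk and continues past the second.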