extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 16:03:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

missing ip in attach_file caused, no symlinks

Browse Source
This commit is contained in:
Ralf Becker 2001-10-08 11:39:20 +00:00
parent b9802c348d
commit 4fc032aec1
2 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
infolog/inc/class.boinfolog.inc.php
View File

@ -245,9 +245,9 @@
** Put a file to the corrosponding place in the VFS and set the attributes
** ACL check is done by the VFS
*/
function attach_file($info_id,$filepos,$name,$size,$type,$comment='',$full_fname='')
function attach_file($info_id,$filepos,$name,$size,$type,$comment='',$full_fname='',$ip='')
{
//echo "<p>add_one_file: info_id='$info_id', filepos='$filepos', name='$name', size='$size', type='$type', comment='$comment', full_fname='$full_fname'</p>\n";
//echo "<p>attach_file: info_id='$info_id', filepos='$filepos', name='$name', size='$size', type='$type', comment='$comment', full_fname='$full_fname', ip='$ip'</p>\n";
// create the root for attached files in infolog, if it does not exists
if (!($this->vfs->file_exists($this->vfs_basedir,array(RELATIVE_ROOT))))
@ -274,13 +274,14 @@
{ // check case-insensitive for WIN etc.
$check = $valid[0] == '\\' || strstr(':',$valid) ? 'eregi' : 'ereg';
$valid2 = str_replace('\\','/',$valid);
//echo "<p>attach_file: ereg('".$this->send_file_ips[$valid]."', '$ip')=".ereg($this->send_file_ips[$valid],$ip)."</p>\n";
if ($check('^('.$valid2.')(.*)$',$full_fname,$parts) &&
ereg($this->send_file_ips[$valid],$ip) && // right IP
$this->vfs->file_exists($trans.$parts[2],array(RELATIVE_NONE|VFS_REAL)))
{
$tfname = $trans.$parts[2];
}
// echo "<p>add_one_file: full_fname='$full_fname', valid2='$valid2', trans='$trans', check=$check, tfname='$tfname', parts=(x,'${parts[1]}','${parts[2]}')</p>\n";
//echo "<p>attach_file: full_fname='$full_fname', valid2='$valid2', trans='$trans', check=$check, tfname='$tfname', parts=(x,'${parts[1]}','${parts[2]}')</p>\n";
}
if ($tfname && !$this->vfs->securitycheck($tfname))
{

7
infolog/inc/class.uiinfolog.inc.php
View File

@ -591,7 +591,8 @@
if ($upload && $attachfile && $attachfile != "none")
{
$fileerror = $this->bo->attach_file($info_id,$attachfile,$attachfile_name,$attachfile_size,$attachfile_type,$filecomment,$full_fname);
$fileerror = $this->bo->attach_file($info_id,$attachfile,$attachfile_name,$attachfile_size,
$attachfile_type,$filecomment,$full_fname,$GLOBALS['HTTP_SERVER_VARS']['REMOTE_ADDR']);
if ($fileerror) $error[]=$fileerror;
}
$GLOBALS['phpgw']->common->phpgw_header();
@ -752,7 +753,9 @@
if ($attachfile && $attachfile != "none") // save the attached file
{
$fileerror = $this->bo->attach_file($this->bo->so->data['info_id'],$attachfile,$attachfile_name,$attachfile_size,$attachfile_type,$filecomment,$full_fname);
$fileerror = $this->bo->attach_file($this->bo->so->data['info_id'],$attachfile,
$attachfile_name,$attachfile_size,$attachfile_type,$filecomment,$full_fname,
$GLOBALS['HTTP_SERVER_VARS']['REMOTE_ADDR']);
if ($fileerror) $error[]=$fileerror;
}
}