mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

escape hotlinked image

Browse Source
This commit is contained in:
Garvin Hicking
2013-02-08 08:29:48 +01:00
parent b6fa7eb1ef
commit 63ba9b0431
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/admin/images.inc.php
View File

@ -214,6 +214,8 @@ switch ($serendipity['GET']['adminAction']) {
$new_media = array();
$serendipity['POST']['imageurl'] = htmlspecialchars($serendipity['POST']['imageurl']);
// First find out whether to fetch a file or accept an upload
if ($serendipity['POST']['imageurl'] != '' && $serendipity['POST']['imageurl'] != 'http://') {
if (!empty($serendipity['POST']['target_filename'][2])) {