Commit 6b139854f4ba358c05537a7f3abb89248024fe75
1 parent
9445dfcd
Merged in from DEV trunk...
KTC-165 "Input validation required on file names." Fixed. Added some sanitize checks to KTBulkExportPlugin.php Committed By: Jalaloedien Abrahams Reviewed By: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/trunk@7046 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
6 additions
and
5 deletions
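--- a/plugins/ktstandard/KTBulkExportPlugin.php
+++ b/plugins/ktstandard/KTBulkExportPlugin.php
@@ -144,20 +144,20 @@ class KTBulkExportAction extends KTFolderAction {
 $oDocumentTransaction->create();
 }
 
-$sParentFolder = sprintf('%s/%s', $sTmpPath, $oDocument->getFullPath());
+$sParentFolder = str_replace('<', '', str_replace('</', '', str_replace('>', '', sprintf('%s/%s', $sTmpPath, $oDocument->getFullPath()))));
 $newDir = $this->sTmpPath;
-$sFullPath = $this->_convertEncoding($oDocument->getFullPath(), true);
+$sFullPath = str_replace('<', '', str_replace('</', '', str_replace('>', '', $this->_convertEncoding($oDocument->getFullPath(), true))));
 foreach (split('/', $sFullPath) as $dirPart) {
 $newDir = sprintf("%s/%s", $newDir, $dirPart);
 if (!file_exists($newDir)) {
 mkdir($newDir, 0700);
 }
 }
-$sOrigFile = $oStorage->temporaryFile($oDocument);
-$sFilename = sprintf("%s/%s", $sParentFolder, $oDocument->getFileName());
+$sOrigFile = str_replace('<', '', str_replace('</', '', str_replace('>', '', $oStorage->temporaryFile($oDocument))));
+$sFilename = sprintf("%s/%s", $sParentFolder, str_replace('<', '', str_replace('</', '', str_replace('>', '', $oDocument->getFileName()))));
 $sFilename = $this->_convertEncoding($sFilename, true);
 copy($sOrigFile, $sFilename);
-$sPath = sprintf("%s/%s", $oDocument->getFullPath(), $oDocument->getFileName());
+$sPath = str_replace('<', '', str_replace('</', '', str_replace('>', '', sprintf("%s/%s", $oDocument->getFullPath(), $oDocument->getFileName()))));
 $sPath = str_replace($aReplaceKeys, $aReplaceValues, $sPath);
 $sPath = $this->_convertEncoding($sPath, true);
 $aPaths[] = $sPath;
@@ -165,6 +165,7 @@ class KTBulkExportAction extends KTFolderAction {
 $sManifest = sprintf("%s/%s", $this->sTmpPath, "MANIFEST");
 file_put_contents($sManifest, join("\n", $aPaths));
 $sZipFile = sprintf("%s/%s.zip", $this->sTmpPath, $this->oFolder->getName());
+$sZipFile = str_replace('<', '', str_replace('</', '', str_replace('>', '', $sZipFile)));
 $_SESSION['bulkexport'] = KTUtil::arrayGet($_SESSION, 'bulkexport', array());
 $sExportCode = KTUtil::randomString();
 $_SESSION['bulkexport'][$sExportCode] = array(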
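Review bot: The stripping added at new lines 147, 149, 156, 157, 160 and 168 removes `<`, `</` and `>`, but every one of these values is consumed as a filesystem path — `mkdir` on each `$dirPart` of `$sFullPath`, `copy` to `$sFilename`, and the zip named from `$this->oFolder->getName()` — so the checks this sink needs are for `.`/`..` segments and NUL bytes, which still pass through unchanged if `getFullPath()`/`getFileName()` derive from user-supplied document and folder names (inferred; the getters are not in the hunk). The `</` replacement also silently drops a `/` that adjoins a `<`, merging two path segments into one, and the same nested call is repeated five times; a small private helper applied at each site gives one reviewable place to both strip characters and reject traversal segments. `$sOrigFile` at line 156 comes from `$oStorage->temporaryFile()`, a server-generated path, so stripping it is at best a no-op and the original assignment can stay. The enclosing method starts before the first hunk and ends after the second.
```php
/**
 * Normalise a path the export writes under sTmpPath: strip the markup
 * characters the current code removes plus NUL bytes, and drop '.'/'..'
 * segments so a document or folder name cannot step outside the export dir.
 */
function _sanitizeExportPath($sPath) {
    $sPath = str_replace(array('>', '</', '<', "\0"), '', $sPath);
    $aKept = array();
    foreach (explode('/', $sPath) as $sPart) {
        if ($sPart === '.' || $sPart === '..') {
            continue;
        }
        $aKept[] = $sPart;
    }
    return implode('/', $aKept);
}

// … unchanged: transaction creation …
$sParentFolder = $this->_sanitizeExportPath(sprintf('%s/%s', $sTmpPath, $oDocument->getFullPath()));
$newDir = $this->sTmpPath;
$sFullPath = $this->_sanitizeExportPath($this->_convertEncoding($oDocument->getFullPath(), true));
// … unchanged: mkdir loop …
$sOrigFile = $oStorage->temporaryFile($oDocument);
$sFilename = sprintf("%s/%s", $sParentFolder, $this->_sanitizeExportPath($oDocument->getFileName()));
// … unchanged: encoding conversion and copy …
$sPath = $this->_sanitizeExportPath(sprintf("%s/%s", $oDocument->getFullPath(), $oDocument->getFileName()));
// … unchanged: manifest write …
$sZipFile = $this->_sanitizeExportPath($sZipFile);
```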