[wp-trac] [WordPress Trac] #4974: Invalid names generated for
uploads with unknown extensions
WordPress Trac
wp-trac at lists.automattic.com
Fri Sep 14 11:53:59 GMT 2007
#4974: Invalid names generated for uploads with unknown extensions
---------------------+------------------------------------------------------
Reporter: Nazgul | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.3
Component: General | Version: 2.3
Severity: normal | Keywords: has-patch
---------------------+------------------------------------------------------
It is possible for someone with the unfiltered_upload capability to upload
attachments with unknown extensions. There is a bug which generates the
filename in that instance, which results in a file called test.phps to be
uploades as testphps..phps.
This is caused by the extension guesing code leaving the . before the
extension, which is added again later on, making a few replaces fail.
--
Ticket URL: <http://trac.wordpress.org/ticket/4974>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list