Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Fix
Priority: Minor
Fix Version/s: 3.1.12-RC1
Affects Version/s: 3.0.11, 3.1.0-dev
Component/s: ACP, User Control Panel (UCP)
Labels:
None

While uploading the file the file extension is checked against a limited list of 4 extensions (gif, jpg, jpeg, png). If the file is served with a script like a php file the upload will fail. The image should be checked instead of the link itself.
Also take a look at these comments regarding this issue:
https://github.com/phpbb/phpbb3/pull/1100#issuecomment-13216135
https://github.com/phpbb/phpbb3/pull/1100#issuecomment-13218053

depends on

PHPBB-10018 Refactor Avatars to support custom modules

Unverified Fix

is duplicated by

PHPBB-13677 Offsite avatar must end in .jpg etc.

Closed

Assignee:: CHItA

Reporter:: Marc

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 13/Feb/13 12:12 AM

Updated:: 09/Sep/17 2:00 PM

Resolved:: 09/Sep/17 2:00 PM