plugins-nextcloud-mirror/spreed
1
0
Fork 0
mirror of https://github.com/nextcloud/spreed.git synced 2025-12-18 05:20:50 +01:00
Code Projects Releases Activity

fix(avatar): Ignore temporary file names

Browse source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2025-10-01 18:57:40 +02:00
parent 012bff8636
commit 8f63f9c449
No known key found for this signature in database
GPG key ID: F72FA5B49FFA96B0
2 changed files with 2 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/Controller/TempAvatarController.php
View file

@ -54,11 +54,7 @@ class TempAvatarController extends OCSController {
);
}
if (
$files['error'][0] === 0
&& is_uploaded_file($files['tmp_name'][0])
&& $this->filenameValidator->isFilenameValid($files['tmp_name'][0])
) {
if ($files['error'][0] === 0 && is_uploaded_file($files['tmp_name'][0])) {
if ($files['size'][0] > 20 * 1024 * 1024) {
return new DataResponse(
['message' => $this->l->t('File is too big')],

6
lib/Service/AvatarService.php
View file

@ -49,11 +49,7 @@ class AvatarService {
throw new InvalidArgumentException($this->l->t('No image file provided'));
}
if (
$file['error'] !== 0
|| !is_uploaded_file($file['tmp_name'])
|| !$this->filenameValidator->isFilenameValid($file['tmp_name'])
) {
if ($file['error'] !== 0 || !is_uploaded_file($file['tmp_name'])) {
throw new InvalidArgumentException($this->l->t('Invalid file provided'));
}
if ($file['size'] > 20 * 1024 * 1024) {