diff --git a/src/member/edit_space_info.php b/src/member/edit_space_info.php
index cbeb88b..0bf572d 100755
--- a/src/member/edit_space_info.php
+++ b/src/member/edit_space_info.php
@@ -21,10 +21,17 @@ if($dopost=='save')
 $spacename =(empty($spacename))? "" : $spacename;
 $maxlength = $cfg_max_face * 1024;
 $userdir = $cfg_user_dir.'/'.$cfg_ml->M_ID;
+
+ if (strpos($oldspacelogo,"..") > 0)
+ {
+ die("not support!");
+ }
+
 if(!preg_match('#^'.$userdir."#", $oldspacelogo))
 {
 $oldspacelogo = '';
 }
+
 if(is_uploaded_file($spacelogo))
 {
 if(@filesize($_FILES['spacelogo']['tmp_name']) > $maxlength)
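Review bot: The new traversal guard `strpos($oldspacelogo,"..") > 0` does not reject a value whose `..` sits at offset 0, because strpos returns 0 there and `0 > 0` is false; the check should be `if (strpos($oldspacelogo, '..') !== false)` (or `str_contains` on PHP 8). Today that gap is only covered incidentally by the following prefix check, so the guard should stand on its own rather than rely on the other condition. That prefix check has its own weakness: `$userdir` is spliced into the pattern unquoted, so any regex metacharacter in `$cfg_user_dir` (a `.` is enough) widens what `'#^'.$userdir.'#'` accepts; use `preg_match('#^'.preg_quote($userdir, '#').'#', $oldspacelogo)`. A `die("not support!")` also ends the request with no logging of the rejected value, which makes abuse attempts invisible to operators; consider routing this through the file's usual error/message handling. The enclosing `if($dopost=='save')` block starts before and continues past this hunk.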