Ticket #11926: git.patch

File git.patch, 1.9 KB (added by manwe@…, 10 years ago)

hardened patch-file (created with TortoiseSVN for GIT)

  • branches/fixes/0.27/classes/Video.php 

    diff --git a/branches/fixes/0.27/classes/Video.php b/branches/fixes/0.27/classes/Video.php
    a b  
    168168                    $this->length,
    169169                    $this->showlevel,
    170170                    $this->filename,
    171                     ( @filesize($this->cover_file) > 0 ? $this->cover_file : 'No Cover' ),
     171                    ( @filesize(setting("VideoArtworkDir", hostname)."/".basename($this->cover_file)) > 0 ? basename($this->cover_file) : 'No Cover' ),
    172172                    $this->browse,
    173173                    $this->intid
    174174                    );

  • branches/fixes/0.27/modules/video/edit.php 

    diff --git a/branches/fixes/0.27/modules/video/edit.php b/branches/fixes/0.27/modules/video/edit.php
    a b  
    5555        $Video->showlevel   = $_REQUEST['showlevel'];
    5656        $Video->browse      = $_REQUEST['browse'];
    5757        if (is_uploaded_file($_FILES['coverfile']['tmp_name'])) {
    58             $filename = setting('VideoArtworkDir', hostname).'/id-'.$_REQUEST['intid'].'.jpg';
    59             move_uploaded_file($_FILES['coverfile']['tmp_name'], $filename);
    60             chmod($filename, 0644); // make cover file readable by other users
     58            $filename = 'id'.$_REQUEST['intid'].'.jpg';
     59            move_uploaded_file($_FILES['coverfile']['tmp_name'], setting('VideoArtworkDir', hostname).'/'.$filename);
     60            chmod(setting('VideoArtworkDir', hostname).'/'.$filename, 0644); // make cover file readable by other users
    6161            $Video->cover_file = $filename;
    6262        }
    6363        $Video->save();