瀏覽代碼

Fix image delete once more

causefx 7 年之前
父節點
當前提交
b5c04905ff
共有 1 個文件被更改,包括 3 次插入3 次删除
  1. 3 3
      api/functions/organizr-functions.php

+ 3 - 3
api/functions/organizr-functions.php

@@ -1541,10 +1541,10 @@ function editImages()
 	$array = array();
 	$postCheck = array_filter($_POST);
 	$filesCheck = array_filter($_FILES);
-	$approvedPath = 'plugins/images/tabs';
+	$approvedPath = 'plugins/images/tabs/';
 	if (!empty($postCheck)) {
-		$removeImage = str_replace('../', '', $_POST['data']['imagePath']);
-		if ($_POST['data']['action'] == 'deleteImage' && approvedFileExtension($_POST['data']['imagePath']) && strpos($removeImage, $approvedPath) !== false) {
+		$removeImage = $approvedPath . pathinfo($_POST['data']['imagePath'], PATHINFO_BASENAME);
+		if ($_POST['data']['action'] == 'deleteImage' && approvedFileExtension($removeImage)) {
 			if (file_exists(dirname(__DIR__, 2) . DIRECTORY_SEPARATOR . $removeImage)) {
 				writeLog('success', 'Image Manager Function -  Deleted Image [' . $_POST['data']['imageName'] . ']', $GLOBALS['organizrUser']['username']);
 				return (unlink(dirname(__DIR__, 2) . DIRECTORY_SEPARATOR . $removeImage)) ? true : false;