fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-3284

Browse Source
This commit is contained in:
qronald
2017-05-31 14:28:37 -04:00
committed by Julio Cesar Laura Avendaño
parent d76446a0cc
commit 3a26dce3a0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php
View File

@@ -152,7 +152,7 @@ class FilesManager
{
try {
$aData['prf_path'] = rtrim($aData['prf_path'], '/') . '/';
if (!$aData['prf_filename']) {
if (!$aData['prf_filename'] || strpbrk($aData['prf_filename'], "\\/?%*:|\"<>") !== false) {
throw new \Exception(\G::LoadTranslation("ID_INVALID_VALUE_FOR", array('prf_filename')));
}
$extention = strstr($aData['prf_filename'], '.');