File type validation when importing userdata

Julian Prieber 2024-02-06 23:00:39 +01:00
parent cec01d3d02
commit 97299ae627
1 changed files with 9 additions and 2 deletions


@ -1144,17 +1144,24 @@ class UserController extends Controller
$sanitizedText = strip_tags_except_allowed_protocols($sanitizedText);
$user->littlelink_description = $sanitizedText;
}
$allowedExtensions = array('jpeg', 'jpg', 'png', 'webp');
$userExtension = strtolower($userData['image_extension']);
if (isset($userData['image_data'])) {
if (in_array($userExtension, $allowedExtensions)) {
// Decode the image data from Base64
$imageData = base64_decode($userData['image_data']);
// Save the image to the correct path with the correct file name and extension
$filename = $user->id . '.' . $userData['image_extension'];
file_put_contents(base_path('img/' . $filename), $imageData);
$filename = $user->id . '.' . $userExtension;
file_put_contents(base_path('assets/img/' . $filename), $imageData);
// Update the user's image field with the correct file name
$user->image = $filename;
}
}
$user->save();
// Delete all links for the authenticated user
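Review bot: The allowlist at `in_array($userExtension, $allowedExtensions)` checks only the extension the import file declares; the bytes returned by `base64_decode($userData['image_data'])` are still written under `assets/img/` with no check that they are an image of that type, and the decode is not in strict mode. Separately, `$userData['image_extension']` is read before the `isset($userData['image_data'])` guard, so an import that carries no image looks like it will hit an undefined array key. I would move the extension handling inside the guard, decode strictly, and compare the MIME type detected from the content with the one expected for the extension before writing, as sketched below. The enclosing method starts and ends outside this hunk, so any size limit applied to the import earlier cannot be seen from here.

```php
if (isset($userData['image_data'], $userData['image_extension'])) {
    // Map each accepted extension to the MIME type its content must have
    $allowedTypes = [
        'jpeg' => 'image/jpeg',
        'jpg'  => 'image/jpeg',
        'png'  => 'image/png',
        'webp' => 'image/webp',
    ];
    $userExtension = strtolower((string) $userData['image_extension']);
    // Strict mode returns false on malformed Base64 instead of decoding what it can
    $imageData = base64_decode((string) $userData['image_data'], true);
    $detectedType = $imageData === false
        ? null
        : (new \finfo(FILEINFO_MIME_TYPE))->buffer($imageData);
    if (isset($allowedTypes[$userExtension]) && $detectedType === $allowedTypes[$userExtension]) {
        // … unchanged: build $filename from $user->id and $userExtension, file_put_contents(), set $user->image …
    }
}
```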