From 97299ae627707d671d572d96ba70f47c808864ff Mon Sep 17 00:00:00 2001
From: Julian Prieber
Date: Tue, 6 Feb 2024 23:00:39 +0100
Subject: [PATCH] File type validation when importing userdata
---
 app/Http/Controllers/UserController.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index da99d37..4450bc3 100755
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -1144,17 +1144,24 @@ class UserController extends Controller
             $sanitizedText = strip_tags_except_allowed_protocols($sanitizedText);
             $user->littlelink_description = $sanitizedText;
         }
+
+        $allowedExtensions = array('jpeg', 'jpg', 'png', 'webp');
+        $userExtension = strtolower($userData['image_extension']);
+
         if (isset($userData['image_data'])) {
+            if (in_array($userExtension, $allowedExtensions)) {
             // Decode the image data from Base64
             $imageData = base64_decode($userData['image_data']);
             // Save the image to the correct path with the correct file name and extension
-            $filename = $user->id . '.' . $userData['image_extension'];
-            file_put_contents(base_path('img/' . $filename), $imageData);
+            $filename = $user->id . '.' . $userExtension;
+            file_put_contents(base_path('assets/img/' . $filename), $imageData);
             // Update the user's image field with the correct file name
             $user->image = $filename;
+            }
         }
+
         $user->save();
         // Delete all links for the authenticated user
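Review bot: The new allowlist at `if (in_array($userExtension, $allowedExtensions))` validates only the extension string declared in the import, not the decoded bytes, and since `image_extension` and `image_data` come from the same imported file, any content labelled `png` is still written as-is to the web-served `assets/img/` path; `base64_decode()` is also called non-strict, so malformed input is silently accepted rather than rejected. I would decode with `base64_decode(..., true)` and sniff the result with `finfo` before writing, accepting it only when the detected MIME type matches the image types the allowlist implies. Separately, `$userExtension = strtolower($userData['image_extension'])` runs before the `isset()` guard and without a `??` default, so an import lacking that key raises an undefined-array-key warning (and `strtolower(null)` is deprecated on 8.1+); `in_array` should pass `true`, and `array(...)` can be `[...]`. The enclosing method starts and ends outside the hunk.
```php
$allowedExtensions = ['jpeg', 'jpg', 'png', 'webp'];
// The extension label comes from the import itself, so the decoded bytes are sniffed as well
$allowedMimeTypes = ['image/jpeg', 'image/png', 'image/webp'];
$userExtension = strtolower((string) ($userData['image_extension'] ?? ''));

if (isset($userData['image_data']) && is_string($userData['image_data'])) {
    $imageData = base64_decode($userData['image_data'], true);
    $mimeType = $imageData === false ? null : (new \finfo(FILEINFO_MIME_TYPE))->buffer($imageData);
    if (in_array($userExtension, $allowedExtensions, true) && in_array($mimeType, $allowedMimeTypes, true)) {
        // … unchanged: build $filename, file_put_contents(base_path('assets/img/' . $filename), $imageData), set $user->image …
    }
}
```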