Bug #24369 » 16785-4_4-v2.patch
| t3lib/class.t3lib_div.php (working copy) | ||
|---|---|---|
|
// Compile the path & command
|
||
|
if($im_version==='gm') {
|
||
|
$switchCompositeParameters=true;
|
||
|
$path = escapeshellarg($path . 'gm' . $isExt) . ' ' . $command;
|
||
|
$originalPath = $path . 'gm' . $isExt;
|
||
|
$path = escapeshellarg($originalPath);
|
||
|
// if escapeshellarg didn't change anything or if there is no whitespace in the original string
|
||
|
// keep the original for (partial) safe_mode compatibility
|
||
|
if (trim($path, '"\'') == $originalPath && !preg_match('/[[:space:]]/', $originalPath)) {
|
||
|
$path = $originalPath;
|
||
|
}
|
||
|
$path .= ' ' . $command;
|
||
|
} else {
|
||
|
if($im_version==='im6') { $switchCompositeParameters=true; }
|
||
|
$path = escapeshellarg($path . (($command == 'composite') ? $combineScript : $command) . $isExt);
|
||
|
$originalPath = $path . (($command == 'composite') ? $combineScript : $command) . $isExt;
|
||
|
$path = escapeshellarg($originalPath);
|
||
|
// if escapeshellarg didn't change anything or if there is no whitespace in the original string
|
||
|
// keep the original for (partial) safe_mode compatibility
|
||
|
if (trim($path, '"\'') == $originalPath && !preg_match('/[[:space:]]/', $originalPath)) {
|
||
|
$path = $originalPath;
|
||
|
}
|
||
|
}
|
||
|
// strip profile information for thumbnails and reduce their size
|
||
| t3lib/class.t3lib_stdgraphic.php (working copy) | ||
|---|---|---|
|
* @return string $inputName escaped as needed
|
||
|
*/
|
||
|
protected function wrapFileName($inputName) {
|
||
|
return escapeshellarg($inputName);
|
||
|
$escapedInputName = escapeshellarg($inputName);
|
||
|
// if escapeshellarg didn't change anything or if there is no whitespace in the original string
|
||
|
// keep the original for (partial) safe_mode compatibility
|
||
|
if (trim($escapedInputName, '"\'') == $inputName && !preg_match('/[[:space:]]/', $inputName)) {
|
||
|
$escapedInputName = $inputName;
|
||
|
}
|
||
|
return $escapedInputName;
|
||
|
}
|
||
| t3lib/thumbs.php (working copy) | ||
|---|---|---|
|
* @return string $inputName escaped as needed
|
||
|
*/
|
||
|
protected function wrapFileName($inputName) {
|
||
|
return escapeshellarg($inputName);
|
||
|
$escapedInputName = escapeshellarg($inputName);
|
||
|
// if escapeshellarg didn't change anything or if there is no whitespace in the original string
|
||
|
// keep the original for (partial) safe_mode compatibility
|
||
|
if (trim($escapedInputName, '"\'') == $inputName && !preg_match('/[[:space:]]/', $inputName)) {
|
||
|
$escapedInputName = $inputName;
|
||
|
}
|
||
|
return $escapedInputName;
|
||
|
}
|
||
|
}
|
||
- « Previous
- 1
- 2
- 3
- Next »