MyBB Community Forums

Full Version: is this secure
To check a file extension:

<?php
$t = $_GET['name'];
$y = explode(".", $t);   // split the name on dots
if (count($y) > 2)       // more than one dot: reject
	{
		die();
	}
else
	{
		//do my thing
	}

The GET used in the example above is for testing on my localhost.
In the actual place this code is used, $t is filled via POST through $mybb->input and then "basename".

Can this be beaten?

Example:
name.txt --- ok
name.exe.txt --- nope

If it's not, any suggestions? get_extension in MyBB's functions.php is very complex.
There are legit filenames with more than one dot in a given extension, so your solution isn't feasible and could be riddled with bugs in production. You should look more into the logic of the MyBB get_extension function. It's not that complex compared to, let's say, the sensors in a door on the Metro/BART.
.htaccess

oops.
I think you shouldn't just check extensions on the file name; anyone can rename an exploit to whatever looks safe.
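As an added illustration (not code from this thread or from MyBB), here is the first post's dot-counting check beside an allowlist check that looks only at the final extension, run over constructed filenames covering the cases the replies raise (multi-dot names, .htaccess). The allowed-extension list and the sample names are assumptions for the demo.

```php
<?php
// Added example, not from the thread or MyBB: the dot-counting check from the
// first post next to an allowlist check, run over constructed sample filenames.

// The original logic: reject any name containing more than one dot.
function dotCountCheck(string $name): bool {
    return count(explode('.', $name)) <= 2;
}

// Alternative: strip any directory part, take only the final extension,
// lowercase it, and compare it against an explicit allowlist (assumed list).
// Names with no extension, or whose only dot is leading (.htaccess), fail.
function allowlistCheck(string $name, array $allowed = ['txt', 'jpg', 'png', 'pdf', 'gz']): bool {
    $name = basename($name);                 // '../../evil.txt' -> 'evil.txt'
    $pos = strrpos($name, '.');
    if ($pos === false || $pos === 0) {
        return false;                        // no extension, or a dotfile
    }
    $ext = strtolower(substr($name, $pos + 1));
    return in_array($ext, $allowed, true);
}

// Constructed sample names covering the cases discussed above.
$samples = [
    'name.txt',        // plain case: both checks accept
    'name.exe.txt',    // two dots: dot-count rejects; allowlist sees only 'txt'
    'archive.tar.gz',  // legitimate multi-dot name: dot-count rejects, allowlist accepts 'gz'
    '.htaccess',       // one dot: dot-count accepts this config file, allowlist rejects
    'shell.php',       // one dot: dot-count accepts, allowlist rejects
    'photo.JPG',       // case variant: allowlist lowercases before comparing
    '../../evil.txt',  // path component: basename() strips it
];

printf("%-18s %-10s %s\n", 'filename', 'dot-count', 'allowlist');
foreach ($samples as $s) {
    printf("%-18s %-10s %s\n", $s,
        dotCountCheck($s) ? 'ok' : 'nope',
        allowlistCheck($s) ? 'ok' : 'nope');
}
```

Neither check inspects file contents, so an allowlisted extension still only tells you what the uploader named the file, which is the point the last reply makes.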