nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-19 00:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

security of request upload item

Browse Source
This commit is contained in:
Čarodej
2022-02-19 12:49:56 +01:00
parent 1107bf66af
commit 171ee5fa04
15 changed files with 172 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Domain/Files/Controllers/FileAccess/VisitorGetThumbnailController.php
View File

@@ -30,11 +30,9 @@ class VisitorGetThumbnailController extends Controller
// Check ability to access protected share files
($this->protectShareRecord)($shared);
$originalFileName = substr($filename, 3);
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
->where('basename', $originalFileName)
->where('basename', substr($filename, 3))
->firstOrFail();
// Check file access