Browse code

Blocking of common executable filetypes

Jaidyn Lev authored on 2018-11-10 19:57:13
Showing 1 changed files
... ...
@@ -6,8 +6,11 @@
6 6
 function sanitize_filename($filename)
7 7
 {
8 8
 	$death_characters = array(" ", ",", "/", "\\", "%", "$", "^");
9
+	$death_filetypes = array(".php", ".sh", ".lisp", ".cl", ".cgi", ".pl");
9 10
 
10 11
 	$sanitized_filename = str_replace($death_characters, "_", $filename);
12
+	$sanitized_filename = str_replace($death_filetypes, ".inv",
13
+						$sanitized_filename);
11 14
 
12 15
 	return $sanitized_filename;
13 16
 }