From 5b66a186b3142f6ec11f63c818c4141d40c78471 Mon Sep 17 00:00:00 2001
From: Thorsten Rinne
Date: Sun, 1 Dec 2013 16:53:19 +0100
Subject: [PATCH] Don't allow updates of PHP files
---
 .../editor/plugins/ajaxfilemanager/inc/class.upload.php | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/phpmyfaq/admin/editor/plugins/ajaxfilemanager/inc/class.upload.php b/phpmyfaq/admin/editor/plugins/ajaxfilemanager/inc/class.upload.php
index f17347a8c2..bc2796803e 100644
--- a/phpmyfaq/admin/editor/plugins/ajaxfilemanager/inc/class.upload.php
+++ b/phpmyfaq/admin/editor/plugins/ajaxfilemanager/inc/class.upload.php
@@ -229,6 +229,14 @@ function moveUploadedFile($dest, $fileBaseName = '', $overwrite=false)
 return false;
 }
+ // Don't allow PHP files
+ $blacklist = array('.php', '.phtml', '.php3', '.php4', '.php5');
+ foreach ($blacklist as $item) {
+ if (preg_match("/$item\$/i", $this->_value['tmp_name'])) {
+ return false;
+ }
+ }
+
 // Don't allow nullbytes in uploaded files
 $this->_value['tmp_name'] = str_replace(chr(0), '', $this->_value['tmp_name']);
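Review bot: The blacklist is matched against `$this->_value['tmp_name']`, which for a `$_FILES` entry (what `_value` appears to hold here) is PHP's server-side temporary path such as `/tmp/phpXYZ` and never carries the client's extension, so `shell.php` is not rejected and is still written under `$dest`; the check has to run on the name that determines the stored file, `$this->_value['name']` or `$fileBaseName`. The unescaped `$item` also makes `.` a regex wildcard, and the list misses `.phar`, `.phps`, `.pht`, `.php7` and double extensions like `x.php.jpg` that Apache mod_mime still executes, so an allowlist of the expected image/document extensions is preferable to a blacklist. At minimum change the match to `if (preg_match('/\.(php\d?|phtml|phar|phps|pht)(\.|$)/i', $this->_value['name'])) {` and run it after the null-byte stripping on the following lines rather than before it. `moveUploadedFile` begins before and continues after this hunk, so the destination-name logic where an allowlist belongs is not visible here.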