Restrict rename #56
Comments
|
ARI use elFinder as core image manager, so the function that rename file but keep extension name is up to elFinder. Unfortunately It seems elFinder does not provider this feature so I can't do that. |
|
Hi Simon, What about the 'acceptedName' elFinder connector option ? br ----- Oorspronkelijk bericht ----- Van: "Simon Asika" [email protected] ARI use elFinder as core image manager, so the function that rename file but keep extension name is up to elFinder. Unfortunately It seems elFinder does not provider this feature so I can't do that. — |
|
I have to research for this option, I have long time not see connector's code. If it's works, I will update it. Thank you for this information. |
First of all - what a great extension ! This really should be the default joomla media manager !
My remark: you need to disable safe mode to allow renaming of files and folders. I 'm using this extension e.g. for blog intro and full article image upload and creation: upload the image - resize if needed and then make a copy and size it down to thumbnail size (= intro image). Super easy, but I want to rename the copied image to <imagename)_intro.jpg so I need to disable safe mode.
With safe mode disabled, someone could upload a fake image and then rename it to e.g. .php which is a security risk so my question is: why not provide a mode that forces to keep the same file name extension. That way, one can only change something.jpg to anythingelse.jpg. Looks to me like a simple change and it provides some extra security.
The text was updated successfully, but these errors were encountered: