diff options
Diffstat (limited to 'modules/sysconfig.inc.php')
-rw-r--r-- | modules/sysconfig.inc.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/modules/sysconfig.inc.php b/modules/sysconfig.inc.php index 063ae65d..c883eb68 100644 --- a/modules/sysconfig.inc.php +++ b/modules/sysconfig.inc.php @@ -17,7 +17,8 @@ if (isset($_POST['action']) && $_POST['action'] === 'upload') { $dest = $_FILES['customtgz']['name']; $dest = preg_replace('/[^a-z0-9\-_]/', '', $dest); $dest = substr($dest, 0, 30); - if (substr($dest, -3) !== 'tgz') $dest .= '.tgz'; + if (substr($dest, -3) === 'tgz') $dest = substr($dest, 0, -3); + $dest .= '.tgz'; # TODO: Validate its a (compressed) tar? if (move_uploaded_file($_FILES['customtgz']['tmp_name'], CONFIG_TGZ_LIST_DIR . '/' . $dest)) { Message::addSuccess('upload-complete', $dest); |