diff options
author | zotlabs <mike@macgirvin.com> | 2016-10-23 17:46:29 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2016-10-23 17:46:29 -0700 |
commit | 5c891bcfb55c662bfb5d86b0d5695bd03523e842 (patch) | |
tree | 36448f578c01a9d55f83a956a6f313a595a0303e /Zotlabs/Module/Profile_photo.php | |
parent | 547c70076499010b240ec174696176a2f5de0dc8 (diff) | |
download | volse-hubzilla-5c891bcfb55c662bfb5d86b0d5695bd03523e842.tar.gz volse-hubzilla-5c891bcfb55c662bfb5d86b0d5695bd03523e842.tar.bz2 volse-hubzilla-5c891bcfb55c662bfb5d86b0d5695bd03523e842.zip |
need to perform dbunescbin on stored filenames as well as binary data - this is a no-op under mysql but could provide unpredictable data under postgres
Diffstat (limited to 'Zotlabs/Module/Profile_photo.php')
-rw-r--r-- | Zotlabs/Module/Profile_photo.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index 8a12e3799..231b80bcf 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -98,7 +98,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($r) { $base_image = $r[0]; - $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content'])); + $base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($base_image['content'])) : dbunescbin($base_image['content'])); $im = photo_factory($base_image['content'], $base_image['mimetype']); if($im->is_valid()) { @@ -354,7 +354,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { } if(intval($r[0]['os_storage'])) - $data = @file_get_contents($r[0]['content']); + $data = @file_get_contents(dbunescbin($r[0]['content'])); else $data = dbunescbin($r[0]['content']); |