Support

  1. sachinjavale5
  2. Support
  3. Tuesday, May 27 2014, 02:49 PM
Hi,

I purchased Easy Profile on 21/12/2013 and implemented it successfully. The only problem is that it allows authenticated users to upload malicious files in the "Profile Picture" and "Cover Picture" functions. There is no check on the content type of the file being uploaded. For instance, it was possible to upload an HTML file with a malicious script, which can be used as a stored XSS.

So how do I restrict the image upload to image types only?

Regards
admin Accepted Answer
Admin
Hi, which version of EP?
  1. more than a month ago
  2. Support
  3. # 1
sachinjavale5 Accepted Answer
I am using JSN_PRO_1.1.0
  1. more than a month ago
  2. Support
  3. # 2
admin Accepted Answer
Admin
Update to the latest version (1.3.0), but I recommend that you make a backup of your site beforehand, because Easy Profile has changed many things since 1.1.0.
  1. more than a month ago
  2. Support
  3. # 3
sachinjavale5 Accepted Answer
Hi,

At this time it won't be possible to update because we have created a lot of fields and also customized the CSS. We are also taking the site live tomorrow, and if we update it will take some time to check the conflicts, which we don't have.

So can you please let us know how to fix only that bug, because we really don't have time for an update now?

Regards
  1. more than a month ago
  2. Support
  3. # 4
admin Accepted Answer
Admin
Try this:
Copy the attached file (image.php) into /administrator/com_jsn/models/rule/

In the file /administrator/com_jsn/helpers/fields/image.php, after line 54 add this:
validate="image"
Attachments (1)
  1. more than a month ago
  2. Support
  3. # 5
sachinjavale5 Accepted Answer
It worked.

Really Appreciate Great Support!!!!

Thanks
  1. more than a month ago
  2. Support
  3. # 6
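
The kind of server-side check the thread asks for, as an added example: it is not part of the original thread and is not the attached image.php or any Easy Profile code. The function name `detect_allowed_image` and the allow-list are assumptions; the point is that the decision comes from the file's bytes, not from the client-supplied name or content type.

```php
<?php
// Added example: hypothetical helper, not Easy Profile's image.php rule.
// Returns the extension to store the upload under, or null to reject it.
function detect_allowed_image(string $path): ?string
{
    // Allow-list: detected MIME type => extension chosen by the server.
    $allowed = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/gif'  => 'gif',
    ];

    if (!is_file($path) || filesize($path) === 0) {
        return null;
    }

    // 1. Sniff the magic bytes with the fileinfo extension.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($path);
    if (!isset($allowed[$mime])) {
        return null;
    }

    // 2. The image header must parse and agree with the sniffed type.
    $info = @getimagesize($path);
    if ($info === false || $info['mime'] !== $mime) {
        return null;
    }

    return $allowed[$mime];
}

// Constructed sample inputs: an HTML document and a 1x1 PNG.
$html = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($html, '<html><body><script>/* constructed */</script></body></html>');

$png = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($png, base64_decode(
    'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg=='
));

var_dump(detect_allowed_image($html)); // the HTML upload
var_dump(detect_allowed_image($png));  // the real image
unlink($html);
unlink($png);
```

Store an accepted file under a server-generated name with the returned extension, so the web server never serves it as text/html.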