Hi Frank, * Frank Habermann <[EMAIL PROTECTED]> [2007-10-08 00:08]: > this bug does not exists in Knowledgeroot. So it will be closed here. > > 1. The problem in SiteX CMS is that they make it possible to say where to > save > uploaded files bei get parameters. Knowledgeroot does not make this.
? From what I understand this has nothing to do with saying where to save uploaded files but that it allows for example to upload php code when this shouldn't be allowed. The files will be stored in the upload/ directory. > 2. The problem that apache will try to interpret unknowl filetypes is a > apache > configuration problem. So also here is not a problem in Knowledgeroot. Sure this is a problem in knowledgeroot. That apache does this is a feature, not a bug. That knowledgeroot(fckeditor here) doesn't whitelist file extensions (what it does in current subversion) and strip the names to the last extension is a problem in fckeditor and therefore in knowledgeroot. Please state on my comments before closing again, I will happily close this bug after I am sure knowledgeroot is not affected. Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpPfdiddLBwH.pgp
Description: PGP signature
