Do not trust the source file hash in UserAvatarImporter

see 5969fa3dfada7df170ff10b8c4d8bf349c38cef9

diff --git a/wcfsetup/install/files/lib/system/importer/UserAvatarImporter.class.php b/wcfsetup/install/files/lib/system/importer/UserAvatarImporter.class.php
index a97155f3560b7c1f8f0b75103ce86563aab412b5..e6324fff0e073812f68fa29c3eac345b15087a55 100644 (file)
--- a/wcfsetup/install/files/lib/system/importer/UserAvatarImporter.class.php
+++ b/wcfsetup/install/files/lib/system/importer/UserAvatarImporter.class.php
@@ -42,17 +42,13 @@ class UserAvatarImporter extends AbstractImporter
         $data['width'] = $imageData[0];
         $data['height'] = $imageData[1];
         $data['avatarExtension'] = ImageUtil::getExtensionByMimeType($imageData['mime']);
+        $data['fileHash'] = \sha1_file($additionalData['fileLocation']);
 
         // check image type
         if ($imageData[2] != \IMAGETYPE_GIF && $imageData[2] != \IMAGETYPE_JPEG && $imageData[2] != \IMAGETYPE_PNG) {
             return 0;
         }
 
-        // get file hash
-        if (empty($data['fileHash'])) {
-            $data['fileHash'] = \sha1_file($additionalData['fileLocation']);
-        }
-
         // get user id
         $data['userID'] = ImportHandler::getInstance()->getNewID('com.woltlab.wcf.user', $data['userID']);
         if (!$data['userID']) {