Proper validation of file extension (supports multipel e.g. .tar.gz)

diff --git a/wcfsetup/install/files/lib/system/upload/DefaultUploadFileValidationStrategy.class.php b/wcfsetup/install/files/lib/system/upload/DefaultUploadFileValidationStrategy.class.php
index d1847e7dced0a9d413c02bcd7cd4f8dc2716d1e8..8e0131aa4822572aa8a0a2828e0e6c6f40e99ad5 100644 (file)
--- a/wcfsetup/install/files/lib/system/upload/DefaultUploadFileValidationStrategy.class.php
+++ b/wcfsetup/install/files/lib/system/upload/DefaultUploadFileValidationStrategy.class.php
@@ -39,7 +39,7 @@ class DefaultUploadFileValidationStrategy implements IUploadFileValidationStrate
        public function __construct($maxFilesize, array $fileExtensions) {
                $this->maxFilesize = $maxFilesize;
                $this->fileExtensions = $fileExtensions;
-               $this->fileExtensionRegex = '/^('.str_replace("\n", "|", str_replace('\*', '.*', preg_quote(implode("\n", $fileExtensions), '/'))).')$/i';
+               $this->fileExtensionRegex = '/('.str_replace("\n", "|", str_replace('\*', '.*', preg_quote(implode("\n", $fileExtensions), '/'))).')$/i';
        }
        
        /**
@@ -56,7 +56,7 @@ class DefaultUploadFileValidationStrategy implements IUploadFileValidationStrate
                        return false;
                }
                
-               if (!preg_match($this->fileExtensionRegex, $uploadFile->getFileExtension())) {
+               if (!preg_match($this->fileExtensionRegex, mb_strtolower($uploadFile->getFilename()))) {
                        $uploadFile->setValidationErrorType('invalidExtension');
                        return false;
                }