4
Quote:
Upgrading to 2.0.16 is not the solution to this problem
Ok, maybe not but still worth plugging those security holes, and upgrading to 2.0.16 (latest Version), to avoid possibly being hacked.
Look in edituser.php and find some code like:
include_once XOOPS_ROOT_PATH.'/class/uploader.php';
$uploader = new XoopsMediaUploader(XOOPS_UPLOAD_PATH, array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png', 'image/png'), $xoopsConfigUser['avatar_maxsize'], $xoopsConfigUser['avatar_width'], $xoopsConfigUser['avatar_height']);
Add the mime type in there.
Kind Regards.
Tom
http://bassmanthemes.com
http://www.xoopslance.com