From 2a5ec015d117c4f6e12bab3b8b64ec3b9ec41245 Mon Sep 17 00:00:00 2001
From: alopexc0de
Date: Tue, 9 Oct 2012 18:18:18 -0400
Subject: [PATCH] fixed php upload filter to block anything containing php or phtml
---
 upload.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/upload.php b/upload.php
index 6faa00a..7abe222 100755
--- a/upload.php
+++ b/upload.php
@@ -39,7 +39,8 @@ if (($_FILES["file"]["size"] < 2000000))
 }
 else
 {
- if($_FILES["file"]["type"] == "application/x-php"){
+ if(preg_match('/php/i', $_FILES["file"]["name"]) && preg_match('/phtml/i', $_FILES["file"]["name"]))
+ {
 echo $_FILES["file"]["name"] . " is not allowed, sorry about that...";
 }else{
 move_uploaded_file($_FILES["file"]["tmp_name"],
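Review bot: The added condition joins the two `preg_match` calls with `&&`, so an upload is rejected only when its name contains both "php" and "phtml". The subject line says the filter should block either, and as written a name containing just one of them falls through to `move_uploaded_file`. The minimal fix is `if (preg_match('/php|phtml/i', $_FILES["file"]["name"]))`. A substring denylist on a client-supplied name is still fragile, so I would rather see an allowlist of expected extensions, a server-generated stored filename, and an upload directory where the web server does not execute scripts. The rejection message in the context line also echoes the raw filename, which should go through `htmlspecialchars()`. The enclosing if/else starts and ends outside this hunk.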