2e7bbc6566336d6924615549b8d765f99a310bfb,src-modules/org/opencms/editors/usergenerated/CmsFormSessionSecurityUtil.java,CmsFormSessionSecurityUtil,checkCreateUpload,#CmsObject#CmsFormConfiguration#String#number#,85

Before Change


                }
            }
            if (!foundExtension) {
                throw new CmsPermissionViolationException(Messages.get().container(
                    Messages.ERR_UPLOAD_FILE_EXTENSION_NOT_ALLOWED_1,
                    name));
            }
        }
    }

After Change


        if (!config.getUploadParentFolder().isPresent()) {
            String message = Messages.get().container(Messages.ERR_NO_UPLOADS_ALLOWED_0).key(
                cms.getRequestContext().getLocale());
            throw new CmsFormException(CmsFormConstants.ErrorCode.errNoUploadAllowed, message);
        }

        if (config.getMaxUploadSize().isPresent()) {
            if (config.getMaxUploadSize().get().longValue() < size) {
                String message = Messages.get().container(Messages.ERR_UPLOAD_TOO_BIG_1, name).key(
                    cms.getRequestContext().getLocale());
                throw new CmsFormException(CmsFormConstants.ErrorCode.errMaxUploadSizeExceeded, message);
            }
        }

        if (config.getValidExtensions().isPresent()) {
            List<String> validExtensions = config.getValidExtensions().get();
            boolean foundExtension = false;
            for (String extension : validExtensions) {
                if (name.toLowerCase().endsWith(extension.toLowerCase())) {
                    foundExtension = true;
                    break;
                }
            }
            if (!foundExtension) {
                String message = Messages.get().container(Messages.ERR_UPLOAD_FILE_EXTENSION_NOT_ALLOWED_1, name).key(
                    cms.getRequestContext().getLocale());
                throw new CmsFormException(CmsFormConstants.ErrorCode.errInvalidExtension, message);
            }
        }
    }