diff --git a/app/code/core/Mage/Core/Model/File/Validator/Image.php b/app/code/core/Mage/Core/Model/File/Validator/Image.php
index 3cffb63c96a..215718c265b 100644
--- a/app/code/core/Mage/Core/Model/File/Validator/Image.php
+++ b/app/code/core/Mage/Core/Model/File/Validator/Image.php
@@ -75,6 +75,7 @@ public function setAllowedImageTypes(array $imageFileExtensions = [])
/**
* Validation callback for checking if file is image
+ * Destroy malicious code in image by reprocessing
*
* @param string $filePath Path to temporary uploaded file
* @return null
@@ -85,11 +86,15 @@ public function validate($filePath)
list($imageWidth, $imageHeight, $fileType) = getimagesize($filePath);
if ($fileType) {
if ($this->isImageType($fileType)) {
- /** Check deprecated 'general/reprocess_images/active' for BC. If false then skip image reprocessing. */
- if (Mage::getStoreConfig('general/reprocess_images/active') !== null) {
- $imageQuality = Mage::getStoreConfigFlag('general/reprocess_images/active') ? 100 : 0;
+ // Config 'general/reprocess_images/active' is deprecated, replacement is the following:
+ $imageQuality = Mage::getStoreConfig('admin/security/reprocess_image_quality');
+ if ($imageQuality !== null) {
+ $imageQuality = (int) $imageQuality;
} else {
- $imageQuality = (int) Mage::getStoreConfig('admin/security/reprocess_image_quality');
+ // Value not set in backend. For BC, if depcrecated config does not exist, default to 85.
+ $imageQuality = Mage::getStoreConfig('general/reprocess_images/active') === null
+ ? 85
+ : (Mage::getStoreConfigFlag('general/reprocess_images/active') ? 85 : 0);
}
if ($imageQuality === 0) {
return null;
diff --git a/app/code/core/Mage/Core/etc/config.xml b/app/code/core/Mage/Core/etc/config.xml
index 643f0e89a01..a0528aed8db 100644
--- a/app/code/core/Mage/Core/etc/config.xml
+++ b/app/code/core/Mage/Core/etc/config.xml
@@ -440,7 +440,6 @@
1108000
- 85
diff --git a/app/code/core/Mage/Core/etc/system.xml b/app/code/core/Mage/Core/etc/system.xml
index 53411e945bc..eeb81099816 100644
--- a/app/code/core/Mage/Core/etc/system.xml
+++ b/app/code/core/Mage/Core/etc/system.xml
@@ -1282,8 +1282,8 @@
- Optimum value is 85, higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks.
- required-entry validate-digits validate-digits-range digits-range-0-100
+ Optimum value is 85 (default), higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks.
+ validate-digits validate-digits-range digits-range-0-10018011
diff --git a/app/locale/en_US/Mage_Core.csv b/app/locale/en_US/Mage_Core.csv
index 924034de292..155c0df85d9 100644
--- a/app/locale/en_US/Mage_Core.csv
+++ b/app/locale/en_US/Mage_Core.csv
@@ -227,7 +227,7 @@
"New Website","New Website"
"No","No"
"Offloader header","Offloader header"
-"Optimum value is 85, higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks.","Optimum value is 85, higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks."
+"Optimum value is 85 (default), higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks.","Optimum value is 85 (default), higher value will increase file size. Set to 0 to turn off images reprocessing, which may cause security risks."
"PHP SOAP extension is required.","PHP SOAP extension is required."
"Package","Package"
"Pagination","Pagination"