From 5f5d7a74069916b3185faaedbace6408e2a06ed8 Mon Sep 17 00:00:00 2001
From: Bradley Taylor <hello@brad-taylor.co.uk>
Date: Fri, 23 Dec 2022 17:05:03 +0000
Subject: [PATCH] Only allow valid image types to be uploaded to image_URL
 field on profiles

---
 CRM/Core/BAO/UFGroup.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CRM/Core/BAO/UFGroup.php b/CRM/Core/BAO/UFGroup.php
index 6987ebbff2..0c9d57caa2 100644
--- a/CRM/Core/BAO/UFGroup.php
+++ b/CRM/Core/BAO/UFGroup.php
@@ -1894,6 +1894,9 @@ AND    ( entity_id IS NULL OR entity_id <= 0 )
       }
     }
     elseif (substr($fieldName, 0, 9) === 'image_URL') {
+      if (!isset($attributes['accept'])) {
+        $attributes['accept'] = 'image/png, image/jpeg, image/gif';
+      }
       $form->add('file', $name, $title, $attributes, $required);
       $form->addUploadElement($name);
     }
-- 
2.25.1