if (get_post('upload'))
{
$tmpname = $_FILES['uploadfile']['tmp_name'];
- $fname = clean_file_name($_FILES['uploadfile']['name']);
+ $fname = trim(basename($_FILES['uploadfile']['name']));
- if (!preg_match("/.sql(.zip|.gz)?$/", $fname))
+ if (!preg_match("/\.sql(\.zip|\.gz)?$/", $fname))
display_error(_("You can only upload *.sql backup files"));
elseif (is_uploaded_file($tmpname)) {
rename($tmpname, BACKUP_PATH . $fname);