X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fattachments.php;h=1ad50d699fe81d4d51bd91b163f0eba960514dab;hb=7ce9ff6a73214a39ff495f04b330563212b43acb;hp=30090517cdaad37bf38926089c87d3674c338cd1;hpb=87d6b416b6f81fbdfea083895a9074e22e90ed34;p=fa-stable.git
diff --git a/admin/attachments.php b/admin/attachments.php
index 30090517..1ad50d69 100644
--- a/admin/attachments.php
+++ b/admin/attachments.php
@@ -94,13 +94,16 @@ if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
 			fwrite($fp, $index_file);
 			fclose($fp);
 		}
-		if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$_POST['unique_name']))
-			unlink($dir."/".$_POST['unique_name']);
+		// file name compatible with POSIX
+		// protect against directory traversal
+		$unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
+		if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
+			unlink($dir."/".$unique_name);
 		$unique_name = uniqid('');
 		move_uploaded_file($tmpname, $dir."/".$unique_name); //save the file
-		$filename = $_FILES['filename']['name'];
+		$filename = basename($_FILES['filename']['name']);
 		$filesize = $_FILES['filename']['size'];
 		$filetype = $_FILES['filename']['type'];
 	}
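Review bot: The new filter strips `/`, so `$_POST['unique_name']` can no longer leave `$dir`, but the name is still attacker-chosen and nothing in the hunk ties it to the attachment being updated: any file inside `$dir` whose name fits `[a-zA-Z0-9.\-_]` (every `uniqid('')` value does, and so do `.` and `..`) can be submitted and handed to `unlink()`, which at best deletes another record's attachment and at worst emits a warning when the path is a directory. The stored name should come from the attachment's own database row rather than from POST; that lookup, if one exists, is outside this hunk, so I cannot confirm it. Within the hunk, two cheap hardenings are to refuse an empty result and to require a regular file: `$unique_name = isset($_POST['unique_name']) ? preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']) : '';` followed by `if ($Mode == 'UPDATE_ITEM' && $unique_name !== '' && is_file($dir."/".$unique_name))`. The `isset` also matters because the `preg_replace` now runs in `ADD_ITEM` mode too, where the old code never read `$_POST['unique_name']` and the index may be absent. The enclosing `if ($Mode == ...)` block begins before the hunk.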