projects
/
fa-stable.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
b50a745
)
Fixed bug in attachments uploading.
author
Janusz Dobrowolski
<janusz@frontaccouting.eu>
Sat, 11 Feb 2012 19:52:35 +0000
(20:52 +0100)
committer
Janusz Dobrowolski
<janusz@frontaccouting.eu>
Sat, 11 Feb 2012 19:52:35 +0000
(20:52 +0100)
admin/attachments.php
patch
|
blob
|
history
diff --git
a/admin/attachments.php
b/admin/attachments.php
index 1ad50d699fe81d4d51bd91b163f0eba960514dab..d41684b1b87854187ac11ecd81a7b1dd700a7da2 100644
(file)
--- a/
admin/attachments.php
+++ b/
admin/attachments.php
@@
-92,16
+92,20
@@
if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
$index_file = "<?php\nheader(\"Location: ../index.php\");\n?>";
$fp = fopen($dir."/index.php", "w");
fwrite($fp, $index_file);
$index_file = "<?php\nheader(\"Location: ../index.php\");\n?>";
$fp = fopen($dir."/index.php", "w");
fwrite($fp, $index_file);
- fclose($fp);
+ fclose($fp);
_vd($dir);
}
// file name compatible with POSIX
// protect against directory traversal
}
// file name compatible with POSIX
// protect against directory traversal
- $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
- if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
- unlink($dir."/".$unique_name);
-
- $unique_name = uniqid('');
+ if ($Mode == 'UPDATE_ITEM')
+ {
+ $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
+ if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
+ unlink($dir."/".$unique_name);
+ }
+ else
+ $unique_name = uniqid('');
move_uploaded_file($tmpname, $dir."/".$unique_name);
move_uploaded_file($tmpname, $dir."/".$unique_name);
+
//save the file
$filename = basename($_FILES['filename']['name']);
$filesize = $_FILES['filename']['size'];
//save the file
$filename = basename($_FILES['filename']['name']);
$filesize = $_FILES['filename']['size'];