include_once($path_to_root . "/inventory/includes/db/items_transfer_db.inc");
include_once($path_to_root . "/inventory/includes/db/items_units_db.inc");
+function item_img_name($stock_id)
+{
+ return strtr($stock_id, "><\\/:|*?", '________');
+}
+
?>
\ No newline at end of file
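Review bot: item_img_name() maps eight different characters to the same `_`, so distinct stock ids such as `A/B` and `A_B` (constructed examples) resolve to one image file, and the upload and delete hunks further down would then overwrite or unlink another item's picture. The replace list also lets `"` and NUL through, which are invalid or unsafe in file names on some platforms; a minimal change is `return strtr($stock_id, "><\\/:|*?\"\0", '__________');`. For the collision, the item-creation path should reject a new id whose mapped name equals that of an existing item, or the name should carry a short digest of the original id. The function also deserves a comment saying the mapping is one-way and not unique, e.g. `// File-system-safe image base name for a stock id; lossy, so different ids can share a name.`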
if (isset($_GET['stock_id']))
{
- $_POST['stock_id'] = $stock_id = strtoupper($_GET['stock_id']);
+ $_POST['stock_id'] = $stock_id = $_GET['stock_id'];
}
else if (isset($_POST['stock_id']))
{
- $stock_id = strtoupper($_POST['stock_id']);
+ $stock_id = $_POST['stock_id'];
}
if (list_updated('stock_id')) {
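Review bot: With `strtoupper()` removed from both branches, `$stock_id` is now the raw request value, and the later hunks build image paths from it. If the database compares stock ids case-insensitively (not visible here), a request for a differently cased id would load the same item but read, write or delete a differently named image on a case-sensitive file system, while the report hunks use the id as stored in the row. Consider taking the id from the loaded item record before building file names, and note the intent at the assignment, e.g. `// stock_id is used as entered; image names must be derived from the stored id, not the request value`. Images saved under the old upper-cased names may also need a one-time rename.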
{
mkdir($filename);
}
- $filename .= "/$stock_id.jpg";
+ $filename .= "/".item_img_name($stock_id).".jpg";
//But check for the worst
if (strtoupper(substr(trim($_FILES['pic']['name']), strlen($_FILES['pic']['name']) - 3)) != 'JPG')
$stock_id = $_POST['NewStockID'];
delete_item($stock_id);
- $filename = $comp_path . "/$user_comp/images/$stock_id.jpg";
+ $filename = $comp_path . "/$user_comp/images/".item_img_name($stock_id).".jpg";
if (file_exists($filename))
unlink($filename);
display_notification(_("Selected item has been deleted."));
label_row(_("Image File (.jpg)") . ":", "<input type='file' id='pic' name='pic'>");
// Add Image upload for New Item - by Joe
$stock_img_link = "";
-if (isset($_POST['NewStockID']) && file_exists("$comp_path/$user_comp/images/".$_POST['NewStockID'].".jpg"))
+if (isset($_POST['NewStockID']) && file_exists("$comp_path/$user_comp/images/"
+ .item_img_name($_POST['NewStockID']).".jpg"))
{
// 31/08/08 - rand() call is necessary here to avoid caching problems. Thanks to Peter D.
$stock_img_link .= "<img id='item_img' alt = '[".$_POST['NewStockID'].".jpg".
- "]' src='$comp_path/$user_comp/images/".$_POST['NewStockID'].".jpg?nocache=".rand()."'".
+ "]' src='$comp_path/$user_comp/images/".item_img_name($_POST['NewStockID']).".jpg?nocache=".rand()."'".
" width='$pic_width' height='$pic_height' border='0'>";
}
else
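Review bot: The `alt` attribute on the `<img>` line still prints `$_POST['NewStockID']` unescaped, and item_img_name() leaves `'` untouched, so a stock id containing a single quote ends the attribute value in both `alt` and `src` and lets request data be interpreted as markup. Since this commit appears to widen the set of characters accepted in stock ids, both values should be escaped for their context: `htmlspecialchars($_POST['NewStockID'], ENT_QUOTES)` in `alt`, and `rawurlencode(item_img_name($_POST['NewStockID']))` for the file part of `src`. URL-encoding also keeps characters such as `#`, `%` or spaces in an id from breaking the image link. The enclosing block continues past the `else`, outside the hunk.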
include_once($path_to_root . "/includes/data_checks.inc");
include_once($path_to_root . "/gl/includes/gl_db.inc");
include_once($path_to_root . "/sales/includes/db/sales_types_db.inc");
-include_once($path_to_root . "/inventory/includes/db/items_category_db.inc");
+include_once($path_to_root . "/inventory/includes/db/inventory_db.inc");
//----------------------------------------------------------------------------------------------------
}
if ($pictures)
{
- $image = $comp_path . '/'. $user_comp . "/images/" . $myrow['stock_id'] . ".jpg";
+ $image = $comp_path . '/'. $user_comp . "/images/"
+ . item_img_name($myrow['stock_id']) . ".jpg";
if (file_exists($image))
{
$rep->NewLine();
include_once($path_to_root . "/includes/date_functions.inc");
include_once($path_to_root . "/includes/data_checks.inc");
include_once($path_to_root . "/gl/includes/gl_db.inc");
-include_once($path_to_root . "/inventory/includes/db/items_category_db.inc");
+include_once($path_to_root . "/inventory/includes/db/inventory_db.inc");
//----------------------------------------------------------------------------------------------------
}
if ($pictures)
{
- $image = $comp_path .'/'. $user_comp . '/images/' . $trans['stock_id'] . '.jpg';
+ $image = $comp_path .'/'. $user_comp . '/images/'
+ . item_img_name($trans['stock_id']) . '.jpg';
if (file_exists($image))
{
$rep->NewLine();