From: Janusz Dobrowolski
Date: Sat, 11 Feb 2012 19:52:35 +0000 (+0100)
Subject: Fixed bug in attachments uploading.
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=cd1629191cf99788fd0ddd8a9022cd0079bb8cf2;p=textcart.git
Fixed bug in attachments uploading.
---
diff --git a/admin/attachments.php b/admin/attachments.php
index 1ad50d6..d41684b 100644
--- a/admin/attachments.php
+++ b/admin/attachments.php
@@ -92,16 +92,20 @@ if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
 $index_file = "";
 $fp = fopen($dir."/index.php", "w");
 fwrite($fp, $index_file);
- fclose($fp);
+ fclose($fp); _vd($dir);
 }
 // file name compatible with POSIX
 // protect against directory traversal
- $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
- if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
- unlink($dir."/".$unique_name);
-
- $unique_name = uniqid('');
+ if ($Mode == 'UPDATE_ITEM')
+ {
+ $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
+ if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
+ unlink($dir."/".$unique_name);
+ }
+ else
+ $unique_name = uniqid('');
 move_uploaded_file($tmpname, $dir."/".$unique_name);
+ //save the file
 $filename = basename($_FILES['filename']['name']);
 $filesize = $_FILES['filename']['size'];
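Review bot: In the new `UPDATE_ITEM` branch the stored file name is still taken from `$_POST['unique_name']`, and the character filter accepts any name built from letters, digits, `.`, `-` and `_`. The request therefore decides which file in `$dir` is unlinked and then replaced by `move_uploaded_file`, which includes the `index.php` guard written just above or another record's attachment, and the name can carry an arbitrary extension. Prefer reading the name from the attachment row being edited; failing that, and assuming every stored name comes from `uniqid('')`, accept only that shape, e.g. `if (!preg_match('/^[0-9a-f]{13}$/', $unique_name)) $unique_name = uniqid('');`. The added `_vd($dir);` on the `fclose` line looks like leftover debug output (its definition is not visible in the hunk) and should be dropped, and the inner `$Mode == 'UPDATE_ITEM' &&` is now redundant. The enclosing `if ($Mode == ...)` block starts and ends outside the hunk.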