From: Janusz Dobrowolski <janusz@frontaccouting.eu>
Date: Sat, 11 Feb 2012 19:52:35 +0000 (+0100)
Subject: Fixed bug in attachments uploading.
X-Git-Tag: 2.3-final~485
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=d547fddd3f624f338164ac1f93f064a7ba722525;p=fa-stable.git

Fixed bug in attachments uploading.
---

diff --git a/admin/attachments.php b/admin/attachments.php
index 1ad50d69..d41684b1 100644
--- a/admin/attachments.php
+++ b/admin/attachments.php
@@ -92,16 +92,20 @@ if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
 			$index_file = "<?php\nheader(\"Location: ../index.php\");\n?>";
 			$fp = fopen($dir."/index.php", "w");
 			fwrite($fp, $index_file);
-			fclose($fp);
+			fclose($fp); _vd($dir);
 		}
 		// file name compatible with POSIX
 		// protect against directory traversal
-		$unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
-		if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
-			unlink($dir."/".$unique_name);
-
-		$unique_name = uniqid('');
+		if ($Mode == 'UPDATE_ITEM')
+		{
+			$unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
+			if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
+				unlink($dir."/".$unique_name);
+		}
+		else
+			$unique_name = uniqid('');
 		move_uploaded_file($tmpname, $dir."/".$unique_name);
+
 		//save the file
 		$filename = basename($_FILES['filename']['name']);
 		$filesize = $_FILES['filename']['size'];