projects
/
fa-stable.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
ae3a056
)
[0005200] Attach Documents: filename length check added to avoid unexpected error...
author
Janusz Dobrowolski
<janusz@frontaccounting.eu>
Fri, 25 Sep 2020 12:18:37 +0000
(14:18 +0200)
committer
Janusz Dobrowolski
<janusz@frontaccounting.eu>
Sat, 26 Sep 2020 21:17:15 +0000
(23:17 +0200)
admin/attachments.php
patch
|
blob
|
history
diff --git
a/admin/attachments.php
b/admin/attachments.php
index b96f3e4e65b0300a80398db4769dd17d67bbb73b..d3f491ace3a08898d022d6509f03ee07749e068c 100644
(file)
--- a/
admin/attachments.php
+++ b/
admin/attachments.php
@@
-80,6
+80,7
@@
if (isset($_GET['trans_no']))
if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
{
if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
{
+ $filename = basename($_FILES['filename']['name']);
if (!transaction_exists($_POST['filterType'], $_POST['trans_no']))
display_error(_("Selected transaction does not exists."));
elseif ($Mode == 'ADD_ITEM' && !isset($_FILES['filename']))
if (!transaction_exists($_POST['filterType'], $_POST['trans_no']))
display_error(_("Selected transaction does not exists."));
elseif ($Mode == 'ADD_ITEM' && !isset($_FILES['filename']))
@@
-89,8
+90,9
@@
if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
display_error(_("The file size is over the maximum allowed."));
else
display_error(_("Select attachment file."));
display_error(_("The file size is over the maximum allowed."));
else
display_error(_("Select attachment file."));
- }
- else {
+ } elseif ( strlen($filename) > 60) {
+ display_error(_("File name exceeds maximum of 60 chars. Please change filename and try again."));
+ } else {
//$content = base64_encode(file_get_contents($_FILES['filename']['tmp_name']));
$tmpname = $_FILES['filename']['tmp_name'];
//$content = base64_encode(file_get_contents($_FILES['filename']['tmp_name']));
$tmpname = $_FILES['filename']['tmp_name'];
@@
-104,7
+106,6
@@
if ($Mode == 'ADD_ITEM' || $Mode == 'UPDATE_ITEM')
fclose($fp);
}
fclose($fp);
}
- $filename = basename($_FILES['filename']['name']);
$filesize = $_FILES['filename']['size'];
$filetype = $_FILES['filename']['type'];
$filesize = $_FILES['filename']['size'];
$filetype = $_FILES['filename']['type'];