$index_file = "<?php\nheader(\"Location: ../index.php\");\n?>";
$fp = fopen($dir."/index.php", "w");
fwrite($fp, $index_file);
- fclose($fp);
+ fclose($fp); _vd($dir);
}
// file name compatible with POSIX
// protect against directory traversal
- $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
- if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
- unlink($dir."/".$unique_name);
-
- $unique_name = uniqid('');
+ if ($Mode == 'UPDATE_ITEM')
+ {
+ $unique_name = preg_replace('/[^a-zA-Z0-9.\-_]/', '', $_POST['unique_name']);
+ if ($Mode == 'UPDATE_ITEM' && file_exists($dir."/".$unique_name))
+ unlink($dir."/".$unique_name);
+ }
+ else
+ $unique_name = uniqid('');
move_uploaded_file($tmpname, $dir."/".$unique_name);
+
//save the file
$filename = basename($_FILES['filename']['name']);
$filesize = $_FILES['filename']['size'];
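Review bot: In the `UPDATE_ITEM` branch the destination name still comes from `$_POST['unique_name']`, and the filter `/[^a-zA-Z0-9.\-_]/` keeps dots, so a name with a script extension, or `index.php` itself, survives sanitisation and is then unlinked and replaced by the upload in `$dir`. The filter prevents traversal out of `$dir` but does not constrain which file inside it is targeted. Assuming stored names are always produced by `uniqid('')`, I would reject anything else before the `file_exists` call, e.g. `if (!preg_match('/\A[0-9a-f]{13}\z/', $unique_name)) { /* reject the request */ }`, or better, take the name from the item's stored record instead of the request. The inner `$Mode == 'UPDATE_ITEM'` test is now redundant, and the return value of `move_uploaded_file()` is not checked in the lines shown. The enclosing block starts and ends outside this hunk.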