From d79b65ce4986570514e8fcf921bc77e0a194c9a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?=
Date: Fri, 25 May 2012 16:35:46 +0200
Subject: [PATCH 1/2] Fixed a bug preventing invoice sorting by authors

---
 htdocs/compta/facture.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php
index 49483ba8081..b8ce3074325 100644
--- a/htdocs/compta/facture.php
+++ b/htdocs/compta/facture.php
@@ -3263,7 +3263,7 @@ else if ($userid)
 {
 if ($userid == -1) $sql.=' AND f.fk_user_author IS NULL';
- else $sql.=' AND f.fk_user_author = '.$user->id;
+ else $sql.=' AND f.fk_user_author = '.$userid;
 }
 if ($_GET['filtre'])
 {

From 9c42cdc7d357d342a3f71c9fb0b7c701cab67f7a Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Fri, 1 Jun 2012 07:14:29 +0200
Subject: [PATCH 2/2] Fix: clear file name send by php

---
 htdocs/core/lib/files.lib.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index cb89898cbdf..de1a77b16a9 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
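Review bot: The `+` line concatenates `$userid` straight into the SQL string, replacing `$user->id`, which is a trusted session value, with a variable whose origin is not visible here; the `else if ($userid)` block it sits in starts above the hunk, and the `-1` sentinel plus the name suggest it is a request parameter, in which case this is an unescaped injection point. Force the type at the point of use regardless of where it is assigned, `else $sql.=' AND f.fk_user_author = '.((int) $userid);`, or run it through the project's DB escaping helper. The neighbouring context line `if ($_GET['filtre'])` reads a raw superglobal with no isset() guard; that predates this commit, but whatever is later done with `filtre` deserves the same cast-or-escape treatment.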
@@ -486,16 +486,17 @@ function dol_move($srcfile, $destfile, $newmask=0, $overwriteifexists=1)
 }

 /**
- * Unescape a file submitted by upload. PHP escape char " and only char " into $FILES with %22
- * This is a bug because when file contains %22, it is not escape, so there is no way to retrieve original value.
- * So best solution is to keep " as %22 into uploaded filename.
+ * Unescape a file submitted by upload. PHP escape char " (%22) and char ' (%27) into $FILES
+ * Before= Capture d\'écran.doc After= Capture d'écran.doc
  *
  * @param string $filename Filename
  */
 function dol_unescapefile($filename)
 {
- //return stripslashes($filename); // FIXME
- return $filename;
+ // Remove path information and dots around the filename, to prevent uploading
+ // into different directories or replacing hidden system files.
+ // Also remove control characters and spaces (\x00..\x20) around the filename:
+ return trim(basename(stripslashes($filename)), ".\x00..\x20");
 }

 /**
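Review bot: `stripslashes()` is applied unconditionally on the new `return` line, but the escaping it undoes (the `d\'écran` case quoted in the docblock) is magic_quotes_gpc behaviour, which is configuration-dependent, deprecated in PHP 5.3 and gone in 5.4, so on a server without it a legitimate upload name containing a backslash is silently altered before it reaches `basename()`; guard it with `$filename = get_magic_quotes_gpc() ? stripslashes($filename) : $filename;` and keep the `trim(basename(...))` on the result. The `trim()` char list also means a name made only of dots and whitespace (`...`, `. .`) collapses to an empty string, which callers should refuse rather than write; the docblock should say so, e.g. `@return string Sanitized basename without directory parts or surrounding dots/control characters; may be empty, in which case the caller must reject the upload`. The docblock summary still describes the function as only unescaping, while it now also strips directory components and leading dots (so `.htaccess` becomes `htaccess`); that change of contract is the part callers need to know about.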