lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: Unescape a file submitted by upload. PHP escape char " (%22) and

Browse Source 
char ' (%27) into $FILES
Before= Capture d\'écran.doc  After= Capture d'écran.doc
This commit is contained in:
Regis Houssin 2012-05-30 13:58:20 +02:00
parent 17b50e02b7
commit 85e3407559
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/core/lib/files.lib.php
View File

@ -488,16 +488,14 @@ function dol_move($srcfile, $destfile, $newmask=0, $overwriteifexists=1)
}
/**
* Unescape a file submitted by upload. PHP escape char " and only char " into $FILES with %22
* This is a bug because when file contains %22, it is not escape, so there is no way to retrieve original value.
* So best solution is to keep " as %22 into uploaded filename.
* Unescape a file submitted by upload. PHP escape char " (%22) and char ' (%27) into $FILES
* Before= Capture d\'écran.doc After= Capture d'écran.doc
*
* @param string $filename Filename
*/
function dol_unescapefile($filename)
{
//return stripslashes($filename); // FIXME
return $filename;
return stripslashes($filename);
}
/**