From ed59a8851f3e7b243f89fde128f16db2a543aec2 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 5 May 2021 16:48:04 +0200 Subject: [PATCH 1/3] Fix #17501 : Undownloable attached file --- htdocs/core/actions_linkedfiles.inc.php | 4 ++++ htdocs/langs/en_US/errors.lang | 1 + 2 files changed, 5 insertions(+) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index af60583118d..482f4cf1dea 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -44,6 +44,10 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC)) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors'); } } + if (preg_match('/__.*__/', $_FILES['userfile']['name'][$key])) { + $error++; + setEventMessages($langs->trans('ErrorWrongFileName'), null, 'errors'); + } } if (!$error) { diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 6df5438de8f..cbf7214245a 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -298,3 +298,4 @@ WarningModuleXDisabledSoYouMayMissEventHere=Module %s has not been enabled. So y ErrorActionCommPropertyUserowneridNotDefined=User's owner is required ErrorActionCommBadType=Selected event type (id: %n, code: %s) do not exist in Event Type dictionary CheckVersionFail=Version check fail +ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it \ No newline at end of file From 020ad5aebe41a22ba9bf6d4c18967d3c688103b0 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 5 May 2021 16:49:51 +0200 Subject: [PATCH 2/3] Add endofline in errors.lang --- htdocs/langs/en_US/errors.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 55ae87b4613..a1155b0f57c 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -299,4 +299,4 @@ WarningModuleXDisabledSoYouMayMissEventHere=Module %s has not been enabled. So y ErrorActionCommPropertyUserowneridNotDefined=User's owner is required ErrorActionCommBadType=Selected event type (id: %n, code: %s) do not exist in Event Type dictionary CheckVersionFail=Version check fail -ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it \ No newline at end of file +ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it From d55309c84793bfee371e4688f866e852415cbd8b Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Thu, 6 May 2021 09:46:54 +0200 Subject: [PATCH 3/3] fix rename file --- htdocs/core/actions_linkedfiles.inc.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 482f4cf1dea..2a610cb3bf6 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -176,8 +176,11 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { // We apply dol_string_nohtmltag also to clean file names (this remove duplicate spaces) because // this function is also applied when we upload and when we make try to download file (by the GETPOST(filename, 'alphanohtml') call). $filenameto = dol_string_nohtmltag($filenameto); - - if ($filenamefrom != $filenameto) { + if (preg_match('/__.*__/', $filenameto)) { + $error++; + setEventMessages($langs->trans('ErrorWrongFileName'), null, 'errors'); + } + if (!$error && $filenamefrom != $filenameto) { // Security: // Disallow file with some extensions. We rename them. // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.