oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

attempting to fix 463213

Browse source
This commit is contained in:
Matthew Wilson 2005-12-19 15:22:09 +00:00
parent d085152304
commit 08954dbe3c
1 changed files with 7 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lib/WebGUI/Storage.pm
View file

@ -203,13 +203,14 @@ sub addFileFromFormPost {
my $attachmentCount = 1; my $attachmentCount = 1;
foreach my $upload ($session{req}->upload($formVariableName)) { foreach my $upload ($session{req}->upload($formVariableName)) {
return $filename if $attachmentCount > $attachmentLimit; return $filename if $attachmentCount > $attachmentLimit;
my $tempPath = $upload->filename(); my $tempPath = $upload->tempname();
if ($tempPath =~ /([^\/\\]+)$/) { $filename = $upload->filename();
$filename = $1;
} else {
$filename = $tempPath;
}
next unless $filename; next unless $filename;
if ($tempPath =~ /([^\/\\]+)$/) {
$filename = $1;
} else {
$filename = $tempPath;
}
my $type = $self->getFileExtension($filename); my $type = $self->getFileExtension($filename);
if (isIn($type, qw(pl perl sh cgi php asp))) { # make us safe from malicious uploads if (isIn($type, qw(pl perl sh cgi php asp))) { # make us safe from malicious uploads
$filename =~ s/\./\_/g; $filename =~ s/\./\_/g;