fix - [ 1403466 ] CS Attachments - Broken Image Issue

docs/changelog/6.x.x.txt

@@ -4,6 +4,7 @@
 
 6.8.5
  - fix [ 1396957 ] Insufficient privileges check on the DataForm
+ - fix [ 1403466 ] CS Attachments - Broken Image Issue
 
 6.8.4
  - fix [ 1395371 ] XSS Vulnerability in DataForm Entries

lib/WebGUI/Asset/Shortcut.pm

@@ -618,7 +618,6 @@ sub view {
 	foreach my $prop (keys %{$self->{_shortcut}{_properties}}) {
 		next if ($prop eq 'content' || $prop eq 'label' || $prop eq 'url');
 		$var{'shortcut.'.$prop} = $self->{_shortcut}{_properties}{$prop};
-	$self->session->errorHandler->warn($prop.' = '.$self->{_shortcut}{_properties}{$prop});
 	}
 	return $self->processTemplate(\%var,$self->getValue("templateId"));
 }

lib/WebGUI/Storage.pm

@@ -203,15 +203,15 @@ sub addFileFromFormPost {
 	my $attachmentCount = 1;
 	foreach my $upload ($self->session->request->upload($formVariableName)) {
 		return $filename if $attachmentCount > $attachmentLimit;
-		$filename = $upload->filename();
-		next unless $filename;
-		if ($filename =~ /([^\/\\]+)$/) { $filename = $1; }
-		my $type = $self->getFileExtension($filename);
+		my $tempFilename = $upload->filename();
+		next unless $tempFilename;
+		if ($tempFilename =~ /([^\/\\]+)$/) { $tempFilename = $1; }
+		my $type = $self->getFileExtension($tempFilename);
 		if (isIn($type, qw(pl perl sh cgi php asp))) { # make us safe from malicious uploads
-			$filename =~ s/\./\_/g;
-			$filename .= ".txt";
+			$tempFilename =~ s/\./\_/g;
+			$tempFilename .= ".txt";
 		}
-		$filename = $self->session->url->makeCompliant($filename);
+		$filename = $self->session->url->makeCompliant($tempFilename);
 		my $bytesread;
 		my $file = FileHandle->new(">".$self->getPath($filename));
 		$attachmentCount++;