[SM-USERS] Bugfix for File Manager Plugin plus Suggestion

David E. Meier Tue, 20 Dec 2005 02:25:03 -0800

Hi,

I had the problem where a user sent me a file called
"somewhat-with-two-dots..doc". Using the "save locally" link saved the
file to disk with the same name resulting it inaccessable in the file
manager due to the restrictions in the sanitizeFileName() function.


Fix: Call the sanitizeFileName() function in save_attachment.php on lines
88 and 90 when assembling the $targetFile name.

Suggestion: Why not break the double dots with a space instead of deleting
them? This way the file type (see example above) still would get
recognized and one has gotten rid of the evilness of the double dots, too.

Cheers. Dave.



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
--
squirrelmail-users mailing list
Posting Guidelines: 
http://www.squirrelmail.org/wiki/MailingListPostingGuidelines
List Address: squirrelmail-users@lists.sourceforge.net
List Archives: 
http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

[SM-USERS] Bugfix for File Manager Plugin plus Suggestion

Reply via email to