We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent d7ead2f commit 884d9b3Copy full SHA for 884d9b3
main/inc/lib/extra_field_value.lib.php
@@ -334,14 +334,13 @@ public function saveFieldValues(
334
break;
335
}
336
337
- $cleanedName = api_replace_dangerous_char($value['name']);
338
- $fileName = ExtraField::FIELD_TYPE_FILE."_{$params['item_id']}_$cleanedName";
339
if (!file_exists($fileDir)) {
340
mkdir($fileDir, $dirPermissions, true);
341
342
343
if (!empty($value['tmp_name']) && isset($value['error']) && $value['error'] == 0) {
344
$cleanedName = api_replace_dangerous_char($value['name']);
+ $cleanedName = disable_dangerous_file($cleanedName);
345
$fileName = ExtraField::FIELD_TYPE_FILE."_{$params['item_id']}_$cleanedName";
346
moveUploadedFile($value, $fileDir.$fileName);
347
0 commit comments