Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix for #15016

Browse Source 
Conflicts:
	htdocs/core/actions_linkedfiles.inc.php
This commit is contained in:
Laurent Destailleur
2020-10-31 12:11:41 +01:00
parent 2deb1e6107
commit a4d2927f82
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
htdocs/core/actions_linkedfiles.inc.php
View File

@@ -103,7 +103,8 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes')
$ret = dol_delete_file($file, 0, 0, 0, (is_object($object) ? $object : null)); $ret = dol_delete_file($file, 0, 0, 0, (is_object($object) ? $object : null));
if (!empty($fileold)) dol_delete_file($fileold, 0, 0, 0, (is_object($object) ? $object : null)); // Delete file using old path if (!empty($fileold)) dol_delete_file($fileold, 0, 0, 0, (is_object($object) ? $object : null)); // Delete file using old path
// Si elle existe, on efface la vignette // If it exists, remove thumb.
$regs = array();
if (preg_match('/(\.jpg|\.jpeg|\.bmp|\.gif|\.png|\.tiff)$/i', $file, $regs)) if (preg_match('/(\.jpg|\.jpeg|\.bmp|\.gif|\.png|\.tiff)$/i', $file, $regs))
{ {
$photo_vignette = basename(preg_replace('/'.$regs[0].'/i', '', $file).'_small'.$regs[0]); $photo_vignette = basename(preg_replace('/'.$regs[0].'/i', '', $file).'_small'.$regs[0]);
@@ -124,9 +125,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes')
} else { } else {
setEventMessages($langs->trans("ErrorFailToDeleteFile", $urlfile), null, 'errors'); setEventMessages($langs->trans("ErrorFailToDeleteFile", $urlfile), null, 'errors');
} }
} } elseif ($linkid) { // delete of external link
elseif ($linkid) // delete of external link
{
require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php';
$link = new Link($db); $link = new Link($db);
$link->fetch($linkid); $link->fetch($linkid);
@@ -190,6 +189,10 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha'))
$filenamefrom = dol_sanitizeFileName(GETPOST('renamefilefrom', 'alpha'), '_', 0); // Do not remove accents $filenamefrom = dol_sanitizeFileName(GETPOST('renamefilefrom', 'alpha'), '_', 0); // Do not remove accents
$filenameto = dol_sanitizeFileName(GETPOST('renamefileto', 'alpha'), '_', 0); // Do not remove accents $filenameto = dol_sanitizeFileName(GETPOST('renamefileto', 'alpha'), '_', 0); // Do not remove accents
// We apply dol_string_nohtmltag also to clean file names (this remove duplicate spaces) because
// this function is also applied when we upload and when we make try to download file (by the GETPOST(filename, 'alphanohtml') call).
$filenameto = dol_string_nohtmltag($filenameto);
if ($filenamefrom != $filenameto) if ($filenamefrom != $filenameto)
{ {
// Security: // Security:

2
htdocs/core/lib/files.lib.php
View File

@@ -1592,7 +1592,7 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
$destfile = dol_sanitizeFileName($info['filename'].($info['extension'] != '' ? ('.'.strtolower($info['extension'])) : '')); $destfile = dol_sanitizeFileName($info['filename'].($info['extension'] != '' ? ('.'.strtolower($info['extension'])) : ''));
// We apply dol_string_nohtmltag also to clean file names (this remove duplicate spaces) because // We apply dol_string_nohtmltag also to clean file names (this remove duplicate spaces) because
// this function is also applied when we make try to download file (by the GETPOST(filename, 'alphanohtml') call). // this function is also applied when we rename and when we make try to download file (by the GETPOST(filename, 'alphanohtml') call).
$destfile = dol_string_nohtmltag($destfile); $destfile = dol_string_nohtmltag($destfile);
$destfull = dol_string_nohtmltag($destfull); $destfull = dol_string_nohtmltag($destfull);