Hum, strange.
If i use Capture d'ecran.docx
i get into $_FILES
Capture d'ecran.docx
and not
Capture d'ecran.docx
A cake will be offered to people who can explain this difference !
Well, we must find what is the criteria tha make this difference and use
it to put a if inside the dol_unescape_file to have upload working on
all situation.
Can you send me your php.ini. I will compare with mine.
Le 01/06/2012 11:13, Régis Houssin a écrit :
i use this file name : Capture d'ecran.docx
my function :
trim(basename(stripslashes($filename)), ".\x00..\x20");
common function found around the internet and can clean the file name in
$ _FILES
print $_FILES : Capture d\'ecran.docx
with my function :
files is record with name : Capture d'ecran.docx
source code in link: Capture+d%27ecran.docx
without my function:
files is record with name : Capture d\'ecran.docx
source code in link : Capture+d%5C%27ecran.docx
the file does not delete when I click on the trash
Le 01/06/12 10:42, Laurent Destailleur (eldy) a écrit :
I made a fix into dol_unescapefile file because file uplaod was broken
on linux and windows.
I had to remove the stripslashes. I don't see a reason to have it. May
be there is a diff between mac and linux when uploading a file ?
If you upload a file called
a'b
the $_FILES['userfile']['name']; exit;
a'b
Regis, can you confirm that submitting a file called
a'b
is still
a'b
if you make:
print $_FILES['userfile']['name']; exit;
just after the main.inc.php of a submitted document.php page (you must
make show source of html page to see real content, for example with
htdocs/societe/documents.php) ?
Cordialement,