From 2b9a008208c55090ba6beac9eec71645e66be2e5 Mon Sep 17 00:00:00 2001 From: Ian Date: Wed, 7 Oct 2015 09:37:44 +0200 Subject: [PATCH] allow upload file real umlaut conversion and remove workaround --- include/admin/images.inc.php | 2 +- include/functions_images.inc.php | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/include/admin/images.inc.php b/include/admin/images.inc.php index fe627c8b..55246222 100644 --- a/include/admin/images.inc.php +++ b/include/admin/images.inc.php @@ -324,7 +324,7 @@ switch ($serendipity['GET']['adminAction']) { continue; } - $tfile = serendipity_uploadSecure(basename($tfile)); + $tfile = serendipity_uploadSecure(serendipity_makeFilename(basename($tfile))); if (serendipity_isActiveFile($tfile)) { $messages[] = ' ' . ERROR_FILE_FORBIDDEN .' '. $tfile . "\n"; diff --git a/include/functions_images.inc.php b/include/functions_images.inc.php index 56ed09b1..ffecb2c7 100644 --- a/include/functions_images.inc.php +++ b/include/functions_images.inc.php @@ -1944,7 +1944,6 @@ function serendipity_deletePath($dir) { /** * Transform a filename into a valid upload path - * ToDO: Rewrite to use converted Umlauts, eg -> ae! (use serendipity_makeFilename()?) * * @access public * @param string The input filename @@ -1955,8 +1954,6 @@ function serendipity_deletePath($dir) { function serendipity_uploadSecure($var, $strip_paths = true, $append_slash = false) { $var = str_replace(' ', '_', $var); - #$var = serendipity_makeFilename($var); // shouldn't this do? We will need to include functions_permalinks.inc.php for this! - if (function_exists('iconv') && strtolower(LANG_CHARSET) == 'utf-8') $var = iconv("utf-8", "ascii//TRANSLIT", $var); $var = preg_replace('@[^0-9a-z\._/-]@i', '', $var); if ($strip_paths) { $var = preg_replace('@(\.+[/\\\\]+)@', '/', $var);