From 307f1c3dad5b09a7f41d081d287b8bf1fd89967a Mon Sep 17 00:00:00 2001
From: Thomas Hochstein <thh@inter.net>
Date: Fri, 20 Mar 2020 17:50:00 +0100
Subject: [PATCH] Prevent renaming ML object into existing file.

When renaming objects in the Media Library,
s9y didn't check if a file with the same
name already exists, resulting in a file
name collision deleting both files from
the database _and_ from disk.

Add a check to avoid that.

An error message would be nice, too, but
that may be added later on.

Tested on s9y-stable test instance.

Cherry-picked from master branch.

Signed-off-by: Thomas Hochstein <thh@inter.net>
---
 docs/NEWS                        | 5 +++++
 include/functions_images.inc.php | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/docs/NEWS b/docs/NEWS
index 111c7227..435d458d 100644
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -20,6 +20,11 @@ Version 2.3.3-beta1 ()
      Also fixes missing "keep strip tags" configuration option
 
    * Fix: Add valid HTTP referrer when trying to delete a
+
+   * Fix: Prevent renaming a ML object into an existing file,
+          resulting in deletion of both from disk and database.
+
+   * Fix invalid HTTP referrer error when trying to delete a
      trackback from the frontend
 
    * Use the video tag for videos in the Medialibrary, also when
diff --git a/include/functions_images.inc.php b/include/functions_images.inc.php
index fc2c5963..32d555ba 100644
--- a/include/functions_images.inc.php
+++ b/include/functions_images.inc.php
@@ -2260,6 +2260,10 @@ function serendipity_renameFile($id, $newName, $path = null) {
     $imgBase = $serendipity['serendipityPath'] . $serendipity['uploadPath'];
     
     $newPath = "{$imgBase}{$path}{$newName}.{$file['extension']}";
+
+    if (file_exists($newPath)) {
+        return false;
+    }
     
     rename("{$imgBase}{$file['path']}{$file['realname']}", $newPath);