Ver código fonte

[Web] Shorten and sanitize downloaded file names, fixes too long file names in Firefox

andryyy 5 anos atrás
pai
commit
24bbfb2330
1 arquivos alterados com 4 adições e 2 exclusões
  1. 4 2
      data/web/inc/ajax/qitem_details.php

+ 4 - 2
data/web/inc/ajax/qitem_details.php

@@ -96,7 +96,8 @@ if (!empty($_GET['id']) && ctype_alnum($_GET['id'])) {
       }
     }
     if (isset($_GET['eml'])) {
-      $dl_filename = str_replace('/', '_', $data['subject']);
+      $dl_filename = preg_replace('/[^a-z\d]/i', '_', $data['subject']);
+      $dl_filename = strlen($dl_filename) > 30 ? substr($dl_filename,0,30) : $dl_filename;
       header('Pragma: public');
       header('Expires: 0');
       header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
@@ -113,7 +114,8 @@ if (!empty($_GET['id']) && ctype_alnum($_GET['id'])) {
         exit(json_encode('Forbidden'));
       }
       $dl_id = intval($_GET['att']);
-      $dl_filename = $data['attachments'][$dl_id][0];
+      $dl_filename = preg_replace('/[^a-z\d]/i', '_', $data['attachments'][$dl_id][0]);
+      $dl_filename = strlen($dl_filename) > 30 ? substr($dl_filename,0,30) : $dl_filename;
       if (!is_dir($tmpdir . $dl_filename) && file_exists($tmpdir . $dl_filename)) {
         header('Pragma: public');
         header('Expires: 0');