# HG changeset patch
# User Dan
# Date 1226201606 18000
# Node ID bfde4d7402b1b3c8e93a759e98838c50912b80b7
# Parent e2762777b170ce63a584f70d64c48365364e3891
Fixed filename not being sent through sanitize_page_id() during upload. Non-security.
diff -r e2762777b170 -r bfde4d7402b1 plugins/SpecialUpdownload.php
--- a/plugins/SpecialUpdownload.php Sat Nov 08 22:32:43 2008 -0500
+++ b/plugins/SpecialUpdownload.php Sat Nov 08 22:33:26 2008 -0500
@@ -118,7 +118,7 @@
 $utime = time();
- $filename = $db->escape($filename);
+ $filename = $db->escape(sanitize_page_id($filename));
 $ext = substr($filename, strrpos($filename, '.'), strlen($filename));
 $flen = filesize($file['tmp_name']);
@@ -219,7 +219,8 @@
 {
 $tid = '';
 }
- $filename = $db->escape($filename);
+ $filename = $db->escape(sanitize_page_id($filename));
+
 $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
 if ( !$q )
 {
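Review bot: In the first hunk, `$ext` on the line after the change is cut from the sanitized and SQL-escaped string rather than from the name as received. If `sanitize_page_id()` rewrites or encodes dots (its definition is not in this patch), the stored extension may no longer match the real one. A name with no dot also makes `strrpos()` return `false`, so `substr()` starts at offset 0 and the whole name becomes the extension. Keeping the steps separate avoids both: `$clean = sanitize_page_id($filename);`, then `$ext = strrchr($clean, '.');` with an explicit `false` check, then `$filename = $db->escape($clean);`. The enclosing upload routine starts and ends outside the hunk, so any later use of `$filename` or `$ext` (for example an extension allow-list) should be checked against this.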
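Review bot: In the second hunk, the `SELECT` below the changed line is still built by concatenation, and `$tid` is appended outside the quoted literal. Only its empty-string branch is visible, so the other branch, which lies outside the hunk, should be confirmed to build `$tid` from an integer-cast value rather than raw request input. The lookup now matches on the sanitized name, so rows stored before this change under a raw name that `sanitize_page_id()` alters would presumably no longer be found. A one-time migration of `filename` values or a fallback lookup on the unsanitized name would cover them. A short comment such as `// filename is stored in sanitized page-ID form; see upload path` above the call would record why both paths must agree.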