From 71d5bd8816d4534660026805da2f3546bba5720e Mon Sep 17 00:00:00 2001 From: condor2 Date: Mon, 12 Feb 2024 14:50:22 +0200 Subject: [PATCH] Update filemanager.php --- upload/admin/controller/common/filemanager.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/upload/admin/controller/common/filemanager.php b/upload/admin/controller/common/filemanager.php index 699b6935..fa660c08 100644 --- a/upload/admin/controller/common/filemanager.php +++ b/upload/admin/controller/common/filemanager.php @@ -237,7 +237,7 @@ public function upload(): void { foreach ($files as $file) { if (is_file($file['tmp_name'])) { // Sanitize the filename - $filename = preg_replace('/[\/\\\\?%*:|"<>]/', '', basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8'))); + $filename = preg_replace('/[\/\\\?%*:|"<>]/', '', basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8'))); // Validate the filename length if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 255)) { @@ -323,7 +323,7 @@ public function folder(): void { if ($this->request->server['REQUEST_METHOD'] == 'POST') { // Sanitize the folder name - $folder = preg_replace('/[\/\\\\?%*&:|"<>]/', '', basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8'))); + $folder = preg_replace('/[\/\\\?%*&:|"<>]/', '', basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8'))); // Validate the filename length if ((utf8_strlen($folder) < 3) || (utf8_strlen($folder) > 128)) {