summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoruckelman <uckelman@nomic.net>2010-05-09 22:09:31 +0000
committeruckelman <uckelman@nomic.net>2010-05-09 22:09:31 +0000
commit4293a2f7e71ecffc84b8520eb4cb150cc43484a5 (patch)
tree6a1517f9d0707952abadc6ed16fc7b16591df401
parent71446caebefe08d4615c5ae89f622230b323b5ac (diff)
Fixed bad SQL.
git-svn-id: https://vassalengine.svn.sourceforge.net/svnroot/vassalengine/site-src/trunk@6843 67b53d14-2c14-4ace-a08f-0dab2b34000c
-rw-r--r--src/PhpBB3.php18
1 files changed, 12 insertions, 6 deletions
diff --git a/src/PhpBB3.php b/src/PhpBB3.php
index 24fe25c..8b0f875 100644
--- a/src/PhpBB3.php
+++ b/src/PhpBB3.php
@@ -256,18 +256,24 @@ class PhpBB3 {
# TODO: check that attachment is a permissible type, size
# lifted from include/functions_upload.php: filespec::clean_filename()
- $realFilename = $userId . '_' . md5(unique_id());
+ $physicalFilename = $userId . '_' . md5(unique_id());
+
+ # get extension
+ $dot = strrpos($filename, '.');
+ $extension = $pos === false ? '' : substr($filename, $pos + 1);
# put the attachment data into the db
$sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' (' .
- 'poster_id, is_orphan, physical_filename, attach_comment, ' .
- 'extension, mimetype, filesize, filetime' .
+ 'poster_id, is_orphan, physical_filename, real_filename, ' .
+ 'attach_comment, extension, mimetype, filesize, filetime' .
') VALUES (' .
$userId . ', ' .
'1, ' .
- '"' . $db->sql_escape($realFilename) . '", ' .
- '"' . $db->sql_escape($comment) . '", ' .
- '"' . $db->sql_escape($mimetype) . '", ' .
+ '"' . $physicalFilename . '", ' .
+ '"' . $db->sql_escape($filename) . '", ' .
+ '"' . $db->sql_escape($comment) . '", ' .
+ '"' . $db->sql_escape($extension) . '", ' .
+ '"' . $db->sql_escape($mimetype) . '", ' .
strlen($data) . ', ' .
time() .
')';