From d8912e1b29e02e1c691a5c14ce41c15f3cbf61fb Mon Sep 17 00:00:00 2001 From: ryan Date: Tue, 24 May 2011 15:56:40 +0000 Subject: [PATCH] Make sure ext passes through sanitize_file_name() git-svn-id: http://svn.automattic.com/wordpress/branches/3.1@18022 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-app.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wp-app.php b/wp-app.php index 6de5288206..c836e2f7d2 100644 --- a/wp-app.php +++ b/wp-app.php @@ -607,13 +607,13 @@ EOD; $slug = ''; if ( isset( $_SERVER['HTTP_SLUG'] ) ) - $slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] ); + $slug = $_SERVER['HTTP_SLUG']; elseif ( isset( $_SERVER['HTTP_TITLE'] ) ) - $slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] ); + $slug = $_SERVER['HTTP_TITLE']; elseif ( empty( $slug ) ) // just make a random name $slug = substr( md5( uniqid( microtime() ) ), 0, 7); $ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] ); - $slug = "$slug.$ext"; + $slug = sanitize_file_name( "$slug.$ext" ); $file = wp_upload_bits( $slug, NULL, $bits); log_app('wp_upload_bits returns:',print_r($file,true));