X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_main_attach.cgi;h=2935d68a0e494a840678ef885f4e1d8247494626;hb=4d5e45b24200386a7fc47f2cd69949e82e4bc9c3;hp=291135718c8199d242d296cb814b82a75f0f2001;hpb=b5c4237a34aef94976bc343c8d9e138664fc3984;p=freeside.git diff --git a/httemplate/edit/process/cust_main_attach.cgi b/httemplate/edit/process/cust_main_attach.cgi index 291135718..2935d68a0 100644 --- a/httemplate/edit/process/cust_main_attach.cgi +++ b/httemplate/edit/process/cust_main_attach.cgi @@ -7,9 +7,9 @@ % $act = 'purged' if($attachnum and $purge); % $act = 'undeleted' if($attachnum and $undelete); % $act = 'deleted' if($attachnum and $delete); -<% header('Attachment ' . $act ) %> +<& /elements/header-popup.html, 'Attachment ' . $act &> % } @@ -24,6 +24,10 @@ $cgi->param('attachnum') =~ /^(\d*)$/ or die "Illegal attachnum: ". $cgi->param('attachnum'); my $attachnum = $1; +my $filename = $cgi->param('file'); +# strip directory names; thanks, IE7 +$filename =~ s!.*[\/\\]!!; + my $curuser = $FS::CurrentUser::CurrentUser; my $delete = $cgi->param('delete'); @@ -49,7 +53,7 @@ if($attachnum) { else { map { $new->$_($old->$_) } ('_date', 'otaker', 'body', 'disabled'); - $new->filename($cgi->param('filename') || $old->filename); + $new->filename($filename || $old->filename); $new->mime_type($cgi->param('mime_type') || $old->mime_type); $new->title($cgi->param('title')); if($delete and not $old->disabled) { @@ -62,10 +66,10 @@ if($attachnum) { } else { # This is a new attachment, so require a file. - my $filename = $cgi->param('file'); if($filename) { $new->filename($filename); - $new->mime_type($cgi->uploadInfo($filename)->{'Content-Type'}); + # use the original filename here, not the stripped form + $new->mime_type($cgi->uploadInfo($cgi->param('file'))->{'Content-Type'}); $new->title($cgi->param('title')); local $/;