[Openfirst-cvscommit] members workspace.php,1.3,1.4

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/openfirst/members
In directory sc8-pr-cvs1:/tmp/cvs-serv13648

Modified Files:
	workspace.php 
Log Message:
Fix filename handling bug preventing certain files from being handled properly (anything with an ampersand or space)

Index: workspace.php
===================================================================
RCS file: /cvsroot/openfirst/members/workspace.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** workspace.php	29 Jul 2003 17:39:19 -0000	1.3
--- workspace.php	12 Aug 2003 02:33:41 -0000	1.4
***************
*** 212,215 ****
--- 212,216 ----
        $filename = $_FILES['userfile']['tmp_name'][0];
        $name = str_replace(" ", "-", $_FILES['userfile']['name'][0]);
+       $name = str_replace("&", "and", $name);
        copy($filename, "$ws->virtfspath/" . $_POST["filepath"] . "/$name");
        $uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, division, permissions, date, description, filetype, name) VALUES('" .( filesize("$ws->virtfspath/" . $_POST["filepath"] . "/$name") / 1024). "', '" . $_POST["filepath"] . "', '$user->user', '" . $_POST["division"] . "', '" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "', '" . date('D M d Y h:m:s') . "', '" . $_POST["description"] . "', '" . strtolower(substr($name, strrpos($name, ".") +1)) . "', '$name');");
***************
*** 245,253 ****
  <th>Actions</th></tr>");
      while($file = mysql_fetch_object($files)) {
        echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->division</td>
  <td>$file->permissions</td><td>$file->date</td><td>$file->description</td><td>
! <a href='workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=view&amp;filepath=$filepath'>View</a>
! <br><a href='workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=modify&amp;filepath=$filepath'>Modify</a>
! <br><a href='workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=delete&amp;filepath=$filepath'>Delete</a>
  </td></tr>");
      }
--- 246,255 ----
  <th>Actions</th></tr>");
      while($file = mysql_fetch_object($files)) {
+       $file->name = str_replace("\"", "&quot;", $file->name);
        echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->division</td>
  <td>$file->permissions</td><td>$file->date</td><td>$file->description</td><td>
! <a href=\"workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=view&amp;filepath=$filepath\">View</a>
! <br><a href=\"workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=modify&amp;filepath=$filepath\">Modify</a>
! <br><a href=\"workspace.php?file=$file->name&amp;owner=$file->owner&amp;action=delete&amp;filepath=$filepath\">Delete</a>
  </td></tr>");
      }