From f58fba8e45b9f4c14932c79a2e6eb2b3f605157d Mon Sep 17 00:00:00 2001 From: Lan Hui Date: Thu, 22 Jul 2021 11:17:43 +0800 Subject: [PATCH 1/2] Script.php: add a few urlencode's. --- Script.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Script.php b/Script.php index c0ba6a9..f153280 100644 --- a/Script.php +++ b/Script.php @@ -633,17 +633,17 @@ if (!empty($_POST["frm_submitlab"])) { $targetfile4 = ""; if(strlen($_FILES['attachment1']['name']) > 2 ) { // why greater than 2??? - $targetfile = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment1']['name']; + $targetfile = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment1']['name']); } if(strlen($_FILES['attachment2']['name']) > 2 ) { - $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment2']['name']; } + $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment2']['name']); } if(strlen($_FILES['attachment3']['name']) > 2 ) { - $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment3']['name'];} + $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment3']['name']);} if(strlen($_FILES['attachment4']['name']) > 2 ) { - $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".$_FILES['attachment4']['name']; + $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment4']['name']); } // When $group_id is not properly initialized, use integer 0 as its value. From 717db846982980db0c6fc2abdb7316d72460c6fc Mon Sep 17 00:00:00 2001 From: Lan Hui Date: Thu, 22 Jul 2021 11:20:58 +0800 Subject: [PATCH 2/2] Script.php: add a few rawurlencode's. --- Script.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Script.php b/Script.php index f153280..d1921c7 100644 --- a/Script.php +++ b/Script.php @@ -633,17 +633,17 @@ if (!empty($_POST["frm_submitlab"])) { $targetfile4 = ""; if(strlen($_FILES['attachment1']['name']) > 2 ) { // why greater than 2??? - $targetfile = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment1']['name']); + $targetfile = "/".$student_id."/".$url."/".$lab_name."/".rawurlencode($_FILES['attachment1']['name']); } if(strlen($_FILES['attachment2']['name']) > 2 ) { - $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment2']['name']); } + $targetfile2 = "/".$student_id."/".$url."/".$lab_name."/".rawurlencode($_FILES['attachment2']['name']); } if(strlen($_FILES['attachment3']['name']) > 2 ) { - $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment3']['name']);} + $targetfile3 = "/".$student_id."/".$url."/".$lab_name."/".rawurlencode($_FILES['attachment3']['name']);} if(strlen($_FILES['attachment4']['name']) > 2 ) { - $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".urlencode($_FILES['attachment4']['name']); + $targetfile4 = "/".$student_id."/".$url."/".$lab_name."/".rawurlencode($_FILES['attachment4']['name']); } // When $group_id is not properly initialized, use integer 0 as its value.