Add some codes from 3.61. Currently files under /nucleus/libs and /nucleus/libs/sql...

[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / libs / MEDIA.php

diff --git a/utf8/nucleus/libs/MEDIA.php b/utf8/nucleus/libs/MEDIA.php
index b61a537..2cb70e7 100755 (executable)
--- a/utf8/nucleus/libs/MEDIA.php
+++ b/utf8/nucleus/libs/MEDIA.php
@@ -142,9 +142,15 @@ class MEDIA {
          */
        function addMediaObject($collection, $uploadfile, $filename) {
                global $DIR_MEDIA, $manager;
-
+               
+               // clean filename of characters that may cause trouble in a filename using cleanFileName() function from globalfunctions.php
+               $filename = cleanFileName($filename);
+               // should already have tested for allowable types before calling this method. This will only catch files with no extension at all
+               if ($filename === false) 
+                       return _ERROR_BADFILETYPE;
+               
                $manager->notify('PreMediaUpload',array('collection' => &$collection, 'uploadfile' => $uploadfile, 'filename' => &$filename));
-
+               
                // don't allow uploads to unknown or forbidden collections
                $exceptReadOnly = true;
                if (!MEDIA::isValidCollection($collection,$exceptReadOnly))