--- docman.php 2002/07/27 19:27:22 1.6 +++ docman.php 2002/07/27 19:56:32 1.8 @@ -1076,13 +1076,15 @@ function try_rename($from,$to) { # print "$from -> $to\n"; if (file_exists($from) && is_writeable(dirname($to))) { - rename($from,$to); + return rename($from,$to); + } else { + return 0; } } function try_dir($todir) { if (! file_exists($todir)) { - mkdir($todir,0700); + @mkdir($todir,0700); } } @@ -1092,7 +1094,7 @@ # print "
$fromdir / $fromfile -> $todir / $tofile\n\n";
 
-	try_rename("$fromdir/$fromfile","$todir/$tofile");
+	if (! try_rename("$fromdir/$fromfile","$todir/$tofile")) Error("Rename error","Can't rename file $fromfile to $tofile",1);
 	try_dir("$todir/.log");
 	try_rename("$fromdir/.log/$fromfile","$todir/.log/$tofile");
 	try_dir("$todir/.note");
@@ -1606,18 +1608,19 @@
 	switch ($HTTP_POST_VARS["POSTACTION"]) {
 	case "UPLOAD" :
 		$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
+		$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
 		if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
-		if (strstr($FN_name,"/")) 
-			Error("Non-conforming filename") ;
-		// TODO : should rather check for escapeshellcmds
-		// but maybe RFC 18xx asserts safe filenames ....
+
 		$source = $FN_name ;
 		if (! file_exists($source)) {
 			Error("You must select file with browse to upload it!");
 		}
+
 		$FILENAME = $HTTP_POST_VARS["FILENAME"];
+		if (strstr($FILENAME,"/")) 
+			Error("Upload error","Non-conforming filename. Filename $FILENAME has slashes (/) in it.") ;
 		if (! isset($FILENAME)) { 	// from update file
-			$target = "$fsDir/$FN_name" ;
+			$target = "$fsDir/".basename($FN_name);
 		} else {
 			$target = "$fsDir/$FILENAME";
 		}
@@ -1750,11 +1753,13 @@
 	case "RENAME" :  
 		if ( $CONFIRM != "on" ) break ;
 
+		$NEWNAME=stripSlashes($HTTP_POST_VARS["NEWNAME"]);
 		LogIt("$fsDir/$FN","renamed $FN to $NEWNAME",trperm_r);
 		safe_rename($fsDir,$FN,$NEWNAME);
 		break ;
 
 	case "NOTE" :  
+		$NOTE=stripSlashes($HTTP_POST_VARS["NOTE"]);
 		WriteNote("$fsDir/$FN","$NOTE");
 		break ;