From fa51c538aa423c5ea7da2c7ebc414fbbd52f820d Mon Sep 17 00:00:00 2001 From: Imanol Losada Date: Thu, 30 Apr 2015 11:23:27 -0500 Subject: [PATCH] Add true to parameter file_name in api_replace_dangerous_char because it will be only intended to evaluate file names --- main/inc/lib/api.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main/inc/lib/api.lib.php b/main/inc/lib/api.lib.php index e08b1c0ea0..09a9f323b7 100644 --- a/main/inc/lib/api.lib.php +++ b/main/inc/lib/api.lib.php @@ -5612,7 +5612,7 @@ function api_is_element_in_the_session($tool, $element_id, $session_id = null) { function api_replace_dangerous_char($filename, $strict = 'loose') { - return URLify::filter($filename, 250); + return URLify::filter($filename, 250, null, true); /* // Safe replacements for some non-letter characters. static $search = array(',', "\0", ' ', "\t", "\n", "\r", "\x0B", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%');