Removed base64_decode used against plaintext in downloadFile.php #3844
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was resulting in either garbled filenames when trying to download attachments, or causing the server to outright refuse the download due URL-unfriendly characters. It seems self-evident by the use of the basename() that the 'name' and 'extension' fields are stored in plaintext in the {prefix}_files table, so I can only assume this was a oversight and that it's still in the code since 3.0.0 because few people use the attachments feature.
Also, added the "." into the latter argument of the basename() function, as otherwise an extra "." would be be left at the end of the resulting string.
|
@nilsteampassnet Is there some misunderstanding here? I sent this pull request a while back after it helped me fix an issue where my users were unable to download their attachments. I am able to accept being told I'm wrong or that my solution is inadequate. I would just appreciate some feedback at this point, even if the merge itself might now be outdated. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This was resulting in either garbled filenames when trying to download attachments, or causing the server to outright refuse the download due URL-unfriendly characters. It seems self-evident by the use of the basename() that the 'name' and 'extension' fields are stored in plaintext in the {prefix}_files table, so I can only assume this was an oversight and that it's still in the code since 3.0.0 because few people use the attachments feature.