% $act = 'purged' if($attachnum and $purge);
% $act = 'undeleted' if($attachnum and $undelete);
% $act = 'deleted' if($attachnum and $delete);
-<% header('Attachment ' . $act ) %>
- <SCRIPT TYPE="text/javascript">
- window.top.location.reload();
- </SCRIPT>
- </BODY></HTML>
+<& /elements/popup-topreload.html, mt("Attachment $act") &>
% }
<%init>
or die "Illegal attachnum: ". $cgi->param('attachnum');
my $attachnum = $1;
+my $filename = $cgi->param('file');
+# strip directory names; thanks, IE7
+$filename =~ s!.*[\/\\]!!;
+
my $curuser = $FS::CurrentUser::CurrentUser;
my $delete = $cgi->param('delete');
else {
map { $new->$_($old->$_) }
('_date', 'otaker', 'body', 'disabled');
- $new->filename($cgi->param('filename') || $old->filename);
+ $new->filename($filename || $old->filename);
$new->mime_type($cgi->param('mime_type') || $old->mime_type);
- $new->title($cgi->param('title'));
+ $new->title( scalar($cgi->param('title')) );
if($delete and not $old->disabled) {
$new->disabled(time);
}
}
else { # This is a new attachment, so require a file.
- my $filename = $cgi->param('file');
if($filename) {
$new->filename($filename);
- $new->mime_type($cgi->uploadInfo($filename)->{'Content-Type'});
- $new->title($cgi->param('title'));
+ # use the original filename here, not the stripped form
+ $new->mime_type(
+ $cgi->uploadInfo( scalar($cgi->param('file')) )->{'Content-Type'}
+ );
+ $new->title( scalar($cgi->param('title')) );
local $/;
my $fh = $cgi->upload('file');