From bbafaccb5470958e1aae6b8a9c39142d5f82bb3d Mon Sep 17 00:00:00 2001
From: Retro_Guy <retro.guy@rocksolidbbs.com>
Date: Tue, 8 Jun 2021 05:30:09 +0000
Subject: [PATCH] Cleanup uploaded file names for db

---
 Rocksolid_Light/rocksolid/upload.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Rocksolid_Light/rocksolid/upload.php b/Rocksolid_Light/rocksolid/upload.php
index 772a8fc..26fcd8a 100644
--- a/Rocksolid_Light/rocksolid/upload.php
+++ b/Rocksolid_Light/rocksolid/upload.php
@@ -23,6 +23,7 @@ if(isset($_POST['username'])) {
 include "head.inc";
 
 if(isset($_FILES)) {
+   $_FILES[photo][name] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES[photo][name]);
 // Check auth here
     if(isset($_POST['key']) && password_verify($CONFIG['thissitekey'].$_POST['username'], $_POST['key'])) {
       if(check_bbs_auth($_POST['username'], $_POST['password'])) {