Commit 67393e96 authored by Carsten  Rose's avatar Carsten Rose

Merge branch 'F10358-Make-pdfunite-configureable' into 'develop'

F9686 - partly revert download filename sanitize

See merge request !261
parents ab47d43e 67f6cc9e
Pipeline #3399 passed with stages
in 3 minutes and 27 seconds
......@@ -7029,7 +7029,7 @@ Column: _savePdf
Generated PDFs can be stored directly on the server with this functionality. The link query consists of the following parameters:
* One or more element sources (such as `F:`, `U:`, `p:`, see download-parameter-files_), including possible wkhtmltopdf parameters
* The export filename and path as `d:` - for security reasons, this path has to start with *fileadmin/*
* The export filename and path as `d:` - for security reasons, this path has to start with *fileadmin/* and end with *.pdf*.
Tips:
......
......@@ -207,7 +207,7 @@ class Download {
// Possible output: "Unimplemented Feature: Could not merge encrypted files ('ct.18.06.092-097.pdf')"
$line = implode(',', $rcOutput);
if (false !== ($line = strstr($line, "Feature not implemented: Could not merge encrypted files ("))) {
if (false !== ($line = strstr($line, "Unimplemented Feature: Could not merge encrypted files ("))) {
$arr = explode("'", $line, 3);
if (!empty($arr[1]) && file_exists($arr[1])) {
......
......@@ -1529,8 +1529,8 @@ EOF;
// By default, qfq saves everything HTML encoded. E.g. in form ''' - decode them back to regual UTF-8 text.
$filename = html_entity_decode($vars[DOWNLOAD_EXPORT_FILENAME], ENT_QUOTES | ENT_XML1, 'UTF-8');
// Remove unsafe characters.
$vars[DOWNLOAD_EXPORT_FILENAME] = Sanitize::safeFilename($filename);
// Remove unsafe characters. For '... AS _savePdf' slashes have to be allowed.
$vars[DOWNLOAD_EXPORT_FILENAME] = Sanitize::safeFilename($filename, false, true);
return $vars;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment