var filename = attachment.get_filename().replace("/", "-").replace("\n", "").replace("\t", " ");
var fn = GLib.Environment.get_tmp_dir() +
- "/"+ this.active_name + "."+ filename;
+ "/"+ this.active_name + "."+ GLib.Uri.escape_string(filename,"", false);
var outfile = new GMime.StreamFile.for_path(fn, "w");
outfile.set_owner(true);
""".printf(
this.mysql_escape(this.active_message_exim_id),
chksum,
- this.mysql_escape( attachment.get_filename() ), // what is thsi is invalid?
+ this.mysql_escape( GLib.Uri.escape_string(attachment.get_filename(),"", false) ), // what is thsi is invalid?
file_size)
);
var target_fn = "";
if (StripApplication.opt_is_extracting) {
- target_fn = StripApplication.opt_target_path + "/" + this.created_dir +"/"+ file_id + "-" + filename;
+ target_fn = StripApplication.opt_target_path + "/" + this.created_dir +"/"+ file_id + "-" + GLib.Uri.escape_string(filename,"", false);
}
- var stored = "/" + this.created_dir +"/"+ file_id + "-" + filename;
+ var stored = "/" + this.created_dir +"/"+ file_id + "-" + GLib.Uri.escape_string(filename,"", false);
this.query("""
SELECT attachment_update_store(
rep.set_filename(filename);
string txt = "<html><body>"+
"<a href=\"" + StripApplication.opt_replace_link + "/" +
- file_id + "/" + this.created_dir + "/"+chksum+"/"+ GLib.Uri.escape_string( filename) +"\">" +
+ file_id + "/" + this.created_dir + "/"+chksum+"/"+ GLib.Uri.escape_string( filename, "", false) +"\">" +
GLib.Uri.escape_string( filename) + // fixme needs html escaping...
"</a>" +
"</body></html>";