As I was trying to understand why I cant directly upload the file to phpbb, since files->common_check gives an INVALID_FILENAME error, I noticed something strange. The system actually now uses clean_filename('unique' but it still checks the common_check before that, despite it no longer being relevant as the realname later gets replaced with the hash anyway...
To test this theory I tried to see what happens if I remove this check and indeed, it all works as expected (because clean_filename('unique') runs later on anyway...
the issue is in: /phpbb/phpbb/files/upload.php
Code: Select all
/*
// check Filename
if (preg_match("#[\\/:*?\"<>|]#i", $file->get('realname')))
{
$file->error[] = $this->language->lang($this->error_prefix . 'INVALID_FILENAME', $file->get('realname'));
}
*/