X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=admin_files.php;h=d32b14d26e00405e867821d9aeefae537d2a711f;hb=4a77c4714474748eb99eb67ef29fa03612077d0a;hp=1531d9fdeb4f128c85bba4ed82f541394d8064ea;hpb=981eb0d01458cebf032955ef788c8c88a3a99428;p=wfpl-cms.git

diff --git a/admin_files.php b/admin_files.php
index 1531d9f..d32b14d 100644
--- a/admin_files.php
+++ b/admin_files.php
@@ -12,9 +12,9 @@ $GLOBALS['upload_directory'] = 'files/';
 $GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
 
 
-require_once(DOCROOT . 'inc/wfpl/format.php');
-require_once(DOCROOT . 'inc/wfpl/email.php');
-require_once(DOCROOT . 'inc/wfpl/upload.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
 
 function admin_files_get_fields() {
 	$data = array();
@@ -24,7 +24,7 @@ function admin_files_get_fields() {
 	#header('Content-Type: text/plain');
 	#print_r(array($_REQUEST['filename'], $_FILES['filename']));
 	#exit();
-	$filename_filename_tmp = format_filename($_FILES['filename']['name']);
+	$filename_filename_tmp = format_filename($_FILES['filename']['name'], true);
 	if(!$filename_filename_tmp) {
 		$filename_filename_tmp = $GLOBALS['filename_file_name'];
 	}
@@ -34,7 +34,7 @@ function admin_files_get_fields() {
 		if(_REQUEST_cut('delete_filename') == 'Yes') {
 			$data['filename'] = '';
 		} else {
-			$data['filename'] = format_path(_REQUEST_cut('old_filename'));
+			$data['filename'] = format_path(_REQUEST_cut('old_filename'), true);
 		}
 	}
 	unset($_FILES['filename']);
@@ -44,7 +44,7 @@ function admin_files_get_fields() {
 
 
 function admin_files_main() {
-	session_auth_must('manage_files');
+	session_auth_must('admin_files');
 
 	$id = _REQUEST_cut('edit_id');
 	if($id) {