X-Git-Url: https://git.sesse.net/?p=pr0n;a=blobdiff_plain;f=perl%2FSesse%2Fpr0n%2FWebDAV.pm;h=fe599303220f919f2a632c427dcab4a0a7c5d2ee;hp=49be2398aa4a5701c4e2ef720f63bb45af803b53;hb=7ed166d00c60530874566d5e67130464e6fc0415;hpb=6be9a26e71fc85e69cbbdbc95fc50d3569050921

diff --git a/perl/Sesse/pr0n/WebDAV.pm b/perl/Sesse/pr0n/WebDAV.pm
index 49be239..fe59930 100644
--- a/perl/Sesse/pr0n/WebDAV.pm
+++ b/perl/Sesse/pr0n/WebDAV.pm
@@ -109,7 +109,7 @@ EOF
 					dberror($r, "Couldn't get events");
 		
 				while (my $ref = $q->fetchrow_hashref()) {
-					my $id = $ref->{'id'};
+					my $id = $ref->{'event'};
 					my $name = $ref->{'name'};
 				
 					$name =~ s/&/\&/g;  # hack :-)
@@ -408,9 +408,9 @@ EOF
 		my $orig_filename = $filename;
 
 		# Remove evil characters
-		if ($filename =~ /[^a-zA-Z0-9._-]/) {
+		if ($filename =~ /[^a-zA-Z0-9._()-]/) {
 			if (defined($autorename) && $autorename eq "autorename/") {
-				$filename =~ tr/a-zA-Z0-9.-/_/c;
+				$filename =~ tr/a-zA-Z0-9.()-/_/c;
 			} else {
 				$r->status(403);
 				$r->content_type('text/plain; charset=utf-8');
@@ -602,7 +602,7 @@ EOF
 
 			# Try to insert this new file
 			eval {
-				$dbh->do('INSERT INTO images (id,vhost,event,uploadedby,takenby,filename) VALUES (?,?,?,?,?);',
+				$dbh->do('INSERT INTO images (id,vhost,event,uploadedby,takenby,filename) VALUES (?,?,?,?,?,?)',
 					undef, $newid, $r->get_server_name, $event, $user, $takenby, $filename);
 				$dbh->do('UPDATE events SET last_update=CURRENT_TIMESTAMP WHERE vhost=? AND event=?',
 					undef, $r->get_server_name, $event);