Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-18798

Filename corruption in ezbinaryfile table from ez4.30 - 2011.9

    XMLWordPrintable

    Details

      Description

      Please correct me if I am wrong, but it seems to me that we have a severe problem with files being uploaded to eZ Publish.

      I have found out that about half of the filenames in table ebinaryfile lacks the file suffixes.

      For instance - a pdf file is uploaded. When checking the table, I notice that the filename is

      cd16cfbd2f6566a64f7558dac5735e7d

      When it in fact should have been

      cd16cfbd2f6566a64f7558dac5735e7d.pdf

      I have been looking into this, and can reproduce the problem easily. See below.

      Steps to reproduce

      Using ez4.3.0 or any newer version up to 2011.9, edit any page and use the Online Editor to upload any pdf file.

      Now, check the filename of the file in table ezbinaryfile. You will see that it misses its .pdf suffix.

      Now, go to the media library of the site and upload a pdf file directly.
      Check the table ezbinaryfile. You will see that the file is uploaded correctly, maintaining the .pdf suffix of the filename.

      So, obviously this problem affects only some of the files being uploaded - the ones being uploaded using the Online Editor.

      If using the filename attribute for downloads of files, in Firefox, the files are possible to download as pdf:s even without the suffix being present. BUT - Internet Explorer launches a security warning, efficiently preventing the user to view the file. When using the original filename attribute, download seems to work in both browsers.

        Attachments

          Activity

            People

            • Assignee:
              unknown unknown
              Reporter:
              nilu Nicklas Lundgren
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: