From 59df6bac004b8420b6b0d7eac156e137d184d59c Mon Sep 17 00:00:00 2001
From: Jakub Vrana <vrana@php.net>
Date: Fri, 10 Sep 2004 13:45:23 +0000
Subject: [PATCH] Security fix by Hartmut

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@168304 c90b9560-bf6c-de11-be94-00142212c4b1
---
 features/file-upload.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/features/file-upload.xml b/features/file-upload.xml
index a63947f6df..4792103add 100644
--- a/features/file-upload.xml
+++ b/features/file-upload.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.78 $ -->
+<!-- $Revision: 1.79 $ -->
  <chapter id="features.file-upload">
   <title>Handling file uploads</title>
 
@@ -184,7 +184,7 @@
 // of $_FILES.
 
 $uploaddir = '/var/www/uploads/';
-$uploadfile = $uploaddir . $_FILES['userfile']['name'];
+$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
 
 print "<pre>";
 if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {