From d692bce68674934a4af2e9cba79d65e72279b0a9 Mon Sep 17 00:00:00 2001
From: Michael Foster <savetheinternet@tinyboard.org>
Date: Wed, 31 Jul 2013 16:34:50 -0400
Subject: [PATCH] Fix issue #74. Note: This bug may break the display of
 certain filenames prior to upgrade.

---
 post.php                  | 6 +++---
 templates/post_reply.html | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/post.php b/post.php
index a82b56ad..8820db2d 100644
--- a/post.php
+++ b/post.php
@@ -284,7 +284,7 @@ if (isset($_POST['delete'])) {
 	$post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != ''));
 	
 	if ($post['has_file'])
-		$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
+		$post['filename'] = urldecode(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
 	
 	if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
 		$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']);
@@ -347,7 +347,7 @@ if (isset($_POST['delete'])) {
 	} else $noko = false;
 	
 	if ($post['has_file']) {
-		$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
+		$post['extension'] = strtolower(mb_substr($post['filename'], mb_strrpos($post['filename'], '.') + 1));
 		if (isset($config['filename_func']))
 			$post['file_id'] = $config['filename_func']($post);
 		else
@@ -414,7 +414,7 @@ if (isset($_POST['delete'])) {
 		$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
 		
 		// Truncate filename if it is too long
-		$post['filename'] = substr($post['filename'], 0, $config['max_filename_len']);
+		$post['filename'] = mb_substr($post['filename'], 0, $config['max_filename_len']);
 		
 		$upload = $_FILES['file']['tmp_name'];
 		
diff --git a/templates/post_reply.html b/templates/post_reply.html
index bc96e74c..b0391f19 100644
--- a/templates/post_reply.html
+++ b/templates/post_reply.html
@@ -66,9 +66,9 @@
 			{% if config.show_filename and post.filename %}
 				, 
 				{% if post.filename|length > config.max_filename_display %}
-					<span class="postfilename" title="{{ post.filename|bidi_cleanup }}">{{ post.filename|truncate(config.max_filename_display)|bidi_cleanup }}</span>
+					<span class="postfilename" title="{{ post.filename|e|bidi_cleanup }}">{{ post.filename|truncate(config.max_filename_display)|bidi_cleanup }}</span>
 				{% else %}
-					<span class="postfilename">{{ post.filename|bidi_cleanup }}</span>
+					<span class="postfilename">{{ post.filename|e|bidi_cleanup }}</span>
 				{% endif %}
 			{% endif %}
 			{% if post.thumb != 'file' and config.image_identification %}