--- docman.php	2002/07/27 19:25:58	1.5
+++ docman.php	2002/07/27 19:45:28	1.7
@@ -1593,6 +1593,7 @@
 	$DIR=stripSlashes($HTTP_POST_VARS["DIR"]);
 	$RELPATH=stripSlashes($HTTP_POST_VARS["RELPATH"]);
 	$T=stripSlashes($HTTP_POST_VARS["T"]);
+	$CONFIRM=stripSlashes($HTTP_POST_VARS["CONFIRM"]);
 
 	// get
 	$A=stripSlashes($HTTP_GET_VARS["A"]);
@@ -1605,18 +1606,19 @@
 	switch ($HTTP_POST_VARS["POSTACTION"]) {
 	case "UPLOAD" :
 		$FN_name=stripSlashes($HTTP_POST_FILES["FN"]["tmp_name"]);
+		$FN=stripSlashes($HTTP_POST_FILES["FN"]["name"]);
 		if (!is_writeable($fsDir)) Error("Write denied",$relDir) ;
-		if (strstr($FN_name,"/")) 
-			Error("Non-conforming filename") ;
-		// TODO : should rather check for escapeshellcmds
-		// but maybe RFC 18xx asserts safe filenames ....
+
 		$source = $FN_name ;
 		if (! file_exists($source)) {
 			Error("You must select file with browse to upload it!");
 		}
+
 		$FILENAME = $HTTP_POST_VARS["FILENAME"];
+		if (strstr($FILENAME,"/")) 
+			Error("Upload error","Non-conforming filename. Filename <tt>$FILENAME</tt> has slashes (<tt>/</tt>) in it.") ;
 		if (! isset($FILENAME)) { 	// from update file
-			$target = "$fsDir/$FN_name" ;
+			$target = "$fsDir/".basename($FN_name);
 		} else {
 			$target = "$fsDir/$FILENAME";
 		}