From 38415255255f69016c4f413d2eec78194bf1e2bc Mon Sep 17 00:00:00 2001
From: xevidos <xevidos@gmail.com>
Date: Wed, 6 Mar 2019 15:45:53 -0500
Subject: [PATCH] Made progress towards invalid character function

---
 components/filemanager/class.filemanager.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/components/filemanager/class.filemanager.php b/components/filemanager/class.filemanager.php
index 2dfdac6..40ce782 100755
--- a/components/filemanager/class.filemanager.php
+++ b/components/filemanager/class.filemanager.php
@@ -774,15 +774,16 @@ class Filemanager extends Common {
 		 * trying to rename or delete it, allow the actual file name.
 		 */
 		
-		echo var_dump( file_exists( $full_path ),($_GET['action'] == "modify"),($_GET['action'] == "delete" ), $path, $full_path );
 		
-		if( file_exists( $full_path ) && ( $_GET['action'] == "modify" || $_GET['action'] == "delete" ) ) {
+		
+		if( preg_match( '/[^A-Za-z0-9\-\._\/\ ]/', $path ) && ! ( $_GET['action'] == "modify" || $_GET['action'] == "delete" ) ) {
+			
+			exit( '{"status":"error","message":"Error, the filename contains invalid characters, please either rename or delete it."}' );
+		} elseif( preg_match( '/[^A-Za-z0-9\-\._\/\ ]/', $path ) && ( $_GET['action'] == "modify" || $_GET['action'] == "delete" ) ) {
 		} else {
 			
-			// Only allow certain characters in filenames
 			$path = preg_replace( '/[^A-Za-z0-9\-\._\/\ ]/', '', $path );
 		}
-		
 		return $path;
 	}
 }