From: Franck VILLAUME <franck.villaume@capgemini.com>
Date: Thu, 12 Jul 2012 14:59:10 +0000 (+0000)
Subject: fix from Evolvis r18497: more secure params test
X-Git-Tag: v5.1.2~67
X-Git-Url: https://scm.fusionforge.org/anonscm/gitweb?p=fusionforge%2Ffusionforge.git;a=commitdiff_plain;h=7dc2a49e33981a876bd96464cbd4d90cc6836caa

fix from Evolvis r18497: more secure params test
---

diff --git a/src/common/docman/actions/addfile.php b/src/common/docman/actions/addfile.php
index 638a0442f8..0a68bdb155 100644
--- a/src/common/docman/actions/addfile.php
+++ b/src/common/docman/actions/addfile.php
@@ -6,6 +6,7 @@
  * Copyright 2002-2003, Tim Perdue/GForge, LLC
  * Copyright 2010, Franck Villaume - Capgemini
  * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
+ * Copyright 2012, Thorsten Glaser - tarent solutions GmbH
  * http://fusionforge.org
  *
  * This file is part of FusionForge. FusionForge is free software;
@@ -52,7 +53,7 @@ if (!$doc_group || $doc_group == 100) {
 	session_redirect('/docman/?group_id='.$group_id.'&error_msg='.urlencode($return_msg));
 }
 	
-if (!$title || !$description || (!$uploaded_data && !$file_url && (!$editor && !$name))) {
+if (!$title || !$description || (!$uploaded_data && !$file_url && !$manual_path && (!$editor && !$name))) {
 	$missing_params = array();
 	if (!$title)
 		$missing_params[] = 'title';